A living map of what AI coding agents try to do.
Learn the risky patterns behind blocked commands, MCP tools, skills, plugins, and agent prompts. Every public warning is redacted before it teaches anyone else.
Start with the threat, not the jargon
Each guide begins with a plain-English explanation, then opens into deeper controls and examples.
prompt-injection
Prompt injection
A prompt injection is a trick note for an AI tool.

mcp-tool-poisoning
MCP security
MCP lets agents use tools. Bad tools can lie or overreach.

supply-chain
Skill and plugin safety
Agent skills are tiny helpers. Some helpers ask for too much.

supply-chain
AI harness supply chain
Install steps can change what your agent trusts.

supply-chain
CVE and advisory map
Some known software bugs matter more when agents can use tools.

prompt-injection
Community warnings
Learn from blocked actions without exposing private work.

Harness setup guides
Protect the coding tools your team already uses without forcing everyone to become a security expert.

harness
Codex
Terminal-native coding agent with broad shell reach.

harness
Claude Code
Agentic coding harness with MCP and file access.

harness
OpenCode
Open-source agent harness for local coding loops.

harness
GitHub Copilot
IDE and CLI assistant across code and terminal flows.

harness
Cursor
AI-first IDE with repo and terminal context.

harness
Gemini CLI
Command-line agent workflow for local projects.

harness
Hermes
Agent harness for skill and tool orchestration.

harness
OpenClaw
Open agent workspace with pluggable tools.

Redacted warnings
Real protection moments, scrubbed for safety before becoming public learning pages.

Safe labs
Practice attack patterns with static simulations. Nothing dangerous executes.

prompt-injection
Prompt injection replay
See how hidden text tries to override your instructions.

mcp-tool-poisoning
MCP tool poisoning demo
Inspect a fake MCP tool description before it can mislead an agent.

secret-exfiltration
Secret exfiltration drill
Practice spotting a secret read request without exposing real secrets.

supply-chain
Supply-chain install check
Walk through a simulated install that tries to change agent trust.

Curated advisories
Only enriched explainers are indexable; raw CVE imports stay hidden until useful.