Data overexposure
When AI agents read more files than needed and leak sensitive data into context windows, logs, or external tools.
AI tools read files. Sometimes they read too much and expose private data.
Data overexposure occurs when an agent reads files beyond its task scope — credentials, PII, proprietary code — and passes them to an LLM context window, external tool, or log that creates a leak path.
HOL Guard turns these moments into private receipts first, then public lessons only after redaction and moderation.
Harness setup guides
Protect the coding tools your team already uses without forcing everyone to become a security expert.
Claude Code
Agentic coding harness with MCP and file access.
GitHub Copilot
IDE and CLI assistant across code and terminal flows.
Cursor
AI-first IDE with repo and terminal context.
Gemini CLI
Command-line agent workflow for local projects.
Redacted warnings
Real protection moments, scrubbed for safety before becoming public learning pages.
Codex was stopped before reading an env file
A redacted example of a local secret read attempt.
Claude Code was stopped before calling an untrusted MCP tool
A redacted example of an MCP tool with a misleading description.
Cursor was stopped before following a hidden instruction
A redacted example of a prompt injection via a file comment.
OpenCode was stopped before running a malicious postinstall script
A redacted example of a supply-chain attack via npm install.
Safe labs
Practice attack patterns with static simulations. Nothing dangerous executes.