Threat explainer

MCP security

Tool poisoning, overbroad permissions, and shadow MCP servers.

Install HOL GuardProtect a team

MCP lets agents use tools. Bad tools can lie or overreach.

MCP risk clusters around tool description poisoning, token exposure, command injection, and audit gaps.

HOL Guard turns these moments into private receipts first, then public lessons only after redaction and moderation.

Harness setup guides

Protect the coding tools your team already uses without forcing everyone to become a security expert.

harness

Codex

Terminal-native coding agent with broad shell reach.

Open guide

harness

Claude Code

Agentic coding harness with MCP and file access.

Open guide

harness

Cursor

AI-first IDE with repo and terminal context.

Open guide

Redacted warnings

Real protection moments, scrubbed for safety before becoming public learning pages.

codex

Codex was stopped before reading an env file

A redacted example of a local secret read attempt.

Open guide

Safe labs

Practice attack patterns with static simulations. Nothing dangerous executes.

mcp-tool-poisoning

MCP tool poisoning demo

Inspect a fake MCP tool description before it can mislead an agent.

Open guide