Model data egress
How AI agents send your code, prompts, and data to external LLM APIs and model endpoints.
AI tools send your code to cloud APIs. You should know where it goes.
Model egress risk arises when an agent sends proprietary code, internal context, or user data to a remote LLM API — potentially leaking IP to model providers or third-party inference endpoints.
HOL Guard turns these moments into private receipts first, then public lessons only after redaction and moderation.
Harness setup guides
Protect the coding tools your team already uses without forcing everyone to become a security expert.
harness
Claude Code
Agentic coding harness with MCP and file access.
Open guideharness
GitHub Copilot
IDE and CLI assistant across code and terminal flows.
Open guideharness
Cursor
AI-first IDE with repo and terminal context.
Open guideharness
Gemini CLI
Command-line agent workflow for local projects.
Open guideRedacted warnings
Real protection moments, scrubbed for safety before becoming public learning pages.
codex
Codex was stopped before reading an env file
A redacted example of a local secret read attempt.
Open guideclaude-code
Claude Code was stopped before calling an untrusted MCP tool
A redacted example of an MCP tool with a misleading description.
Open guidecursor
Cursor was stopped before following a hidden instruction
A redacted example of a prompt injection via a file comment.
Open guideopencode
OpenCode was stopped before running a malicious postinstall script
A redacted example of a supply-chain attack via npm install.
Open guideSafe labs
Practice attack patterns with static simulations. Nothing dangerous executes.