Threat explainer

Prompt injection

How hidden instructions trick coding agents into unsafe work.

Install HOL GuardProtect a team

A prompt injection is a trick note for an AI tool.

Model context can carry hostile instructions from files, pages, issues, or package metadata into privileged tool calls.

HOL Guard turns these moments into private receipts first, then public lessons only after redaction and moderation.

Harness setup guides

Protect the coding tools your team already uses without forcing everyone to become a security expert.

harness

Codex

Terminal-native coding agent with broad shell reach.

Open guide

harness

Claude Code

Agentic coding harness with MCP and file access.

Open guide

harness

GitHub Copilot

IDE and CLI assistant across code and terminal flows.

Open guide

harness

Cursor

AI-first IDE with repo and terminal context.

Open guide

Redacted warnings

Real protection moments, scrubbed for safety before becoming public learning pages.

codex

Codex was stopped before reading an env file

A redacted example of a local secret read attempt.

Open guide

Safe labs

Practice attack patterns with static simulations. Nothing dangerous executes.

prompt-injection

Prompt injection replay

See how hidden text tries to override your instructions.

Open guide