Secret exfiltration
How attackers use AI agents to leak API keys, tokens, and credentials from your environment.
AI tools can read secrets. Attackers trick them into sending those secrets outside.
Secret exfiltration happens when an agent reads .env files, environment variables, or credential stores and passes them to external endpoints via tool calls, web requests, or log output.
HOL Guard turns these moments into private receipts first, then public lessons only after redaction and moderation.
Harness setup guides
Protect the coding tools your team already uses without forcing everyone to become a security expert.
harness
Codex
Terminal-native coding agent with broad shell reach.
Open guideharness
Claude Code
Agentic coding harness with MCP and file access.
Open guideharness
GitHub Copilot
IDE and CLI assistant across code and terminal flows.
Open guideharness
Cursor
AI-first IDE with repo and terminal context.
Open guideRedacted warnings
Real protection moments, scrubbed for safety before becoming public learning pages.
codex
Codex was stopped before reading an env file
A redacted example of a local secret read attempt.
Open guideclaude-code
Claude Code was stopped before calling an untrusted MCP tool
A redacted example of an MCP tool with a misleading description.
Open guidecursor
Cursor was stopped before following a hidden instruction
A redacted example of a prompt injection via a file comment.
Open guideopencode
OpenCode was stopped before running a malicious postinstall script
A redacted example of a supply-chain attack via npm install.
Open guideSafe labs
Practice attack patterns with static simulations. Nothing dangerous executes.