Threat explainer

AI harness supply chain

Package install, skill install, and tool bootstrap risks for AI coding.

Install HOL GuardProtect a team

Install steps can change what your agent trusts.

AI harness supply-chain attacks combine package metadata, postinstall scripts, and agent-readable config files.

HOL Guard turns these moments into private receipts first, then public lessons only after redaction and moderation.

Harness setup guides

Protect the coding tools your team already uses without forcing everyone to become a security expert.

harness

Codex

Terminal-native coding agent with broad shell reach.

Open guide

harness

OpenCode

Open-source agent harness for local coding loops.

Open guide

harness

Gemini CLI

Command-line agent workflow for local projects.

Open guide

Redacted warnings

Real protection moments, scrubbed for safety before becoming public learning pages.

codex

Codex was stopped before reading an env file

A redacted example of a local secret read attempt.

Open guide

Safe labs

Practice attack patterns with static simulations. Nothing dangerous executes.

secret-exfiltration

Secret exfiltration drill

Practice spotting a secret read request without exposing real secrets.

Open guide

supply-chain

Supply-chain install check

Walk through a simulated install that tries to change agent trust.

Open guide