Workspace trust boundaries
How AI agents cross workspace boundaries — reading other projects, team configs, and monorepo secrets.
AI tools can see files outside your project. That can leak data across teams.
Workspace trust boundary violations occur when an agent reads files from adjacent projects, shared monorepo configs, or team-wide credentials that fall outside its intended task scope.
HOL Guard turns these moments into private receipts first, then public lessons only after redaction and moderation.
Harness setup guides
Protect the coding tools your team already uses without forcing everyone to become a security expert.
harness
Codex
Terminal-native coding agent with broad shell reach.
Open guideharness
Claude Code
Agentic coding harness with MCP and file access.
Open guideharness
GitHub Copilot
IDE and CLI assistant across code and terminal flows.
Open guideharness
Cursor
AI-first IDE with repo and terminal context.
Open guideRedacted warnings
Real protection moments, scrubbed for safety before becoming public learning pages.
codex
Codex was stopped before reading an env file
A redacted example of a local secret read attempt.
Open guideclaude-code
Claude Code was stopped before calling an untrusted MCP tool
A redacted example of an MCP tool with a misleading description.
Open guidecursor
Cursor was stopped before following a hidden instruction
A redacted example of a prompt injection via a file comment.
Open guideopencode
OpenCode was stopped before running a malicious postinstall script
A redacted example of a supply-chain attack via npm install.
Open guideSafe labs
Practice attack patterns with static simulations. Nothing dangerous executes.