HackerTrans
トップ新着トレンドコメント過去質問紹介求人

aunicall

no profile record

投稿

Why I'm moving away from Regex for LLM Agent security

3 ポイント·投稿者 aunicall·4 か月前·2 コメント

Analyzing OpenClaw's 3-layer defense against prompt injection

1 ポイント·投稿者 aunicall·4 か月前·0 コメント

コメント

aunicall
·4 か月前·議論
This is exactly the right philosophy for the Agent era: Defense in Depth.

We’ve seen too many projects trying to 'solve' agent security solely by adding more system prompts, which we all know are fragile. Since prompt injection can't be 100% prevented today, treating agents as 'semi-trusted' and isolating credentials is the only pragmatic fallback.

As someone working on the detection side of this problem, I see CredProxy as the perfect second line of defense. If the detector misses a sophisticated injection, the blast radius is still contained because the agent never touches the raw secrets. Great work.