HackerTrans
TopNewTrendsCommentsPastAskShowJobs

aunicall

no profile record

Submissions

Why I'm moving away from Regex for LLM Agent security

3 points·by aunicall·4 месяца назад·2 comments

Analyzing OpenClaw's 3-layer defense against prompt injection

1 points·by aunicall·4 месяца назад·0 comments

comments

aunicall
·4 месяца назад·discuss
This is exactly the right philosophy for the Agent era: Defense in Depth.

We’ve seen too many projects trying to 'solve' agent security solely by adding more system prompts, which we all know are fragile. Since prompt injection can't be 100% prevented today, treating agents as 'semi-trusted' and isolating credentials is the only pragmatic fallback.

As someone working on the detection side of this problem, I see CredProxy as the perfect second line of defense. If the detector misses a sophisticated injection, the blast radius is still contained because the agent never touches the raw secrets. Great work.