ATBASH

Agents are NOT fast humans with APIs. The actor changed while most control assumptions did NOT. Prompts increasingly become execution paths. Delegated trust becomes dangerous once agents chain tools autonomously. Antivirus was built for human-operated machines. Agents increasingly operate themselves. Layer-1 infrastructure for agents is coming fast. That makes secondary execution boundaries even more important, not less. Some irreversible agent actions need a second authority boundary before execution. Almost like 2FA for real-world consequence. Appreciate the thoughtful replies, quote-posts, and people who pushed the article into corners of the internet we would not have reached ourselves.

@Docker @ajeetsraina

Deleted files. Leaked secrets. Broken configs. Agents going off the rails at machine speed. Welcome to the new ‘AI Coding Agent Horror Stories’ series! @ajeetsraina delves into recent, real-world incidents, & what teams can do when agents act autonomously. Read issue 1: bit.ly/4frus3q

I wonder if there is someone controlling the boundary for agent actions to prevent these nightmares from happening

Sidelined on security?

@teneo_protocol Great to see early agentic adopters like yourselves agreeing with us

This is the right frame. Agents are not just faster users, and inherited trust breaks down fast once tools, memory, delegation, and execution start chaining together. The next layer of agent infrastructure has to reason about boundaries before consequence, not just permissions after the fact.

All it takes is one device and one poisoned tool and it can happen to the best amongst us. Chances of Agent Workflows getting exposed rise by the hour, controlling their actions before they cause damage is what matters.

@NVIDIAAI x.com/atbashai/statu…

@NVIDIAAI In our test beta environment we had an agent launder and authenticate a malicious skill. Controlling boundary is the key imho!

How to Authenticate Agent Skills Before Execution | Nemotron Labs x.com/i/broadcasts/1…

@Black_Flamezz Most importantly we control the boundary, you setup the red lines of what you don’t want your agent ever to do, we enforce it.

Some of the key benefits of @ATBASHai •Prevents harmful AI behavior in real time •Blocks exploits, jailbreaks, scams, or unsafe commands •Protects autonomous AI agents handling wallets, emails, APIs, etc. •Reduces reliance on manual developer intervention

@Google @antigravity We cannot wait to integrate with you guys

Introducing Gemini Spark ✨ It’s your 24/7 personal AI agent that helps you navigate your digital life, taking action on your behalf, and under your direction. 🧠 It runs on Gemini 3.5 and is built on @Antigravity, so it can perform long-running tasks easily in the background. ⏱️ And because it runs on dedicated virtual machines on Google Cloud, you don’t even need to keep your laptop open. 🧰 Spark will integrate seamlessly with Google tools, and soon with third parties through MCP. #GoogleIO

@noweyxixi @The_Pitch_Man They don’t but they should.

@The_Pitch_Man @ATBASHai It would be interesting if BNKR also uses ATBASHai

Do you know that assuming bankr was making use of @ATBASHai tek It would have triggered and halted everything itself on certain instructions without waiting for the devs to do so, cause that's what ATBASH is, a security limit layer for the safety of AI users and non ai users

@The_Pitch_Man Since there is not enough information regarding incident we cannot publicly comment, however you are right that our kill-switch aka jail feature does jail agents if they were suspected of be tempered with.

@karpathy You have inspired, educated and guided us and many others on our journeys. Now it’s up to us to put the knowledge you gave to a good use. See you in grad school.

Personal update: I've joined Anthropic. I think the next few years at the frontier of LLMs will be especially formative. I am very excited to join the team here and get back to R&D. I remain deeply passionate about education and plan to resume my work on it in time.

@Guguzinhoth @The_Pitch_Man We make sure agents don't go over the red lines which could cause you damage.

@The_Pitch_Man @ATBASHai True, what’s the main use case for @ATBASHai?

Every and all ai users will need @ATBASHai It's an essential product

@Blue_Eye_Mizu @The_Pitch_Man Please drop a request for a CLI or the dashboard and team will send you the docs

@The_Pitch_Man @ATBASHai Well I use AI and this is the first time I'm hearing of ATBASH , so I dropped them a follow. I'm trying them out today

Agents are not fast humans with APIs thats a fallacy and the entire world is looking at them as if they are. Humans use computers, agents act themselves. Human has instincts agents do not. In our beta environment we caught agent laundering malicious skills, recommend reading x.com/ATBASHai/statu…

It’s possible technology changes this. But right now, AI agents aren’t truly autonomous. They are built for the prompt, bots on a leash. Amplified intelligence as wholly distinct from truly artificial intelligence. The much-cited METR study doesn’t change that. Read the critique linked below; it notes that there METR shows a sigmoid on the messiest tasks. Even anecdotally…agentic workflows absolutely do help, and time horizons have been lengthening since Claude Cowork. But it’s just not the panacea it’s made out to be. Human prompting and verification remains the bottleneck, because digital AI only does it middle-to-middle, not end-to-end. Anyway: in the absence of constant human verification, it’s extraordinarily easy to fill a codebase with economically irrelevant slop. It’s the principal/agent problem all over again, with human principals and AI agents. High agency actually means exerting high levels of human control over highly expensive agents. transformernews.ai/p/against-the-…

Every AI agent ultimately has a human principal.

In the situation where two devs argue: both of them learn, and usually come up with a better approach for the team/project/business. Sometimes it's not even X or Y, but a third option. With an LLM, the LLM never learns. It also doesn't push back, so the dev learns nothing from that interaction either

Situation 1: dev A thinks approach X is correct, dev B thinks Y is the right way. They argue and try to convince each other. Situation 2: dev A thinks approach X is correct, tells the LLM to implement it. There is SO MUCH learning in Situation 1, lost when using LLMs....

@claudeai This is huge for agents, and thank you for thinking about agent security. Agents need ability to move freely within confined spaces to make sure they produce best results.

Live from Code with Claude London: we're launching self-hosted sandboxes (public beta) and MCP tunnels (research preview) in Claude Managed Agents. Run agents inside your own perimeter, with your security controls applied by default.

@ivanmiskovic Exactly

@ATBASHai Pre-execution, pre-prompting, the pre- economy before AI does something (the intended thing) will be huge

@web3faruk @The_Pitch_Man @VitalikButerin Sign up on our website for CLi access

@The_Pitch_Man @ATBASHai @VitalikButerin Exactly. Innovation moves faster when security is built in from the start, not added later. ATBASH’s BLOCK, ALLOW, PASS layer makes safer AI development feel practical, not restrictive.

With @ATBASHai devs can comfortably create/develop ai that can do alot of insane things Why? Because ATBASH is a security limit layer to keep ai users and users in general safe. BLOCK, ALLOW, PASS This things are secuity limit layer @VitalikButerin concern has been solved