chetan conikee

[A follow up post] : SUNBURST SolarWinds Breach: Crime Scene Forensics #SolarWinds #SUNBURST chetan-conikee.medium.com/sunburst-solar…

@dhvanil I sent you a DM on X? Pls check

@conikeec thank you!! that's bad -- i'm going to fix it 🦾

i turned my codebase into a city so that i can stop squinting at terminals. now i just watch my ai agents fly between buildings. and you can try it too: SQUAD: a fun mission control for ai agents

Conversational vs. Operational Memory: What’s the Difference? 🎯 Stop Paying the "Context Tax" on Your AI Agents 🎯 Stop Re-Booting Your AI’s Understanding of Your Business → gradientflow.substack.com/p/the-missing-…

AI Security Digest – February 2026 (Week 1) 1️⃣ How LLMs Feed Your RE Habit Following the Use-After-Free Trail in CLFS - @clearbluejar - clearbluejar.github.io/posts/how-llms… 2️⃣ SmartLoader Clones Oura Ring MCP to Deploy Supply Chain Attack - @straikerai - straiker.ai/blog/smartload… 3️⃣ When MCP Meets OAuth Common Pitfalls Leading to One-Click Account Takeover - Fenix Q., Shuyang W. - @obsidiansec - obsidiansecurity.com/blog/when-mcp-… 4️⃣ Agentic AI and Non-Human Identities Demand a Paradigm Shift In Security Lessons from NHIcon 2026 - @McDwayne - @GitGuardian - blog.gitguardian.com/nhicon-2026/ 5️⃣ Protect your AI workloads from supply chain attacks - @anushkaiyer_ - @chainguard_dev - chainguard.dev/unchained/prot… 6️⃣ Hacking Moltbook The AI Social Network Any Human Can Control - @galnagli - @wiz_io - wiz.io/blog/exposed-m… 7️⃣ The rise of Moltbook suggests viral AI prompts may be the next big security threat - @arstechnica - arstechnica.com/ai/2026/02/the… 8️⃣ Moltbook and the Illusion of Harmless AI-Agent Communities - Lucie C. - @Vectra_AI - vectra.ai/blog/moltbook-… 9️⃣ Critical RCE in vLLM Allows Server Takeover via Malicious Video URL CVE-2026-22778 - Igor Stepansky - @orcasec - orca.security/resources/blog… 🔟 What Security Teams Need to Know About OpenClaw the AI Super Agent - Elia Zaitsev - @CrowdStrike - crowdstrike.com/en-us/blog/wha… 1️⃣1️⃣ An introduction to automated LLM red teaming - @snoeck_t - @NVISOsecurity - blog.nviso.eu/2026/02/05/an-… 1️⃣2️⃣ AI-Powered Kids’ Toy Turns a Bedroom Into an Attack Surface - @rez0__ - vulnu.com/p/ai-powered-k… 1️⃣3️⃣ “We’ve Solved Prompt Injection” And other bedtime stories from your security vendor - @conikeec - open.substack.com/pub/conikeec/p… 1️⃣4️⃣ AI Agent Prompt Injection Exposes Insider Risks - @DtexSystems - dtex.ai/resources/i3-t… 1️⃣5️⃣ Evaluating and mitigating the growing risk of LLM-discovered 0-days - @AnthropicAI - red.anthropic.com/2026/zero-days/ 1️⃣6️⃣ Exposed Moltbook Database Let Anyone Take Control of Any AI Agent on the Site - @matthewgault - @404mediaco - 404media.co/exposed-moltbo… 1️⃣7️⃣ It’s incredible It’s terrifying It’s OpenClaw - @jasonmeller - @1Password - 1password.com/blog/its-openc… 1️⃣8️⃣ One-click RCE on Clawd/Moltbot in under 2 hours with Hackian - Henrique Branquinho - @Ethiack - ethiack.com/news/blog/one-… 1️⃣9️⃣ OpenClaw Hardening for MSPs - @elli_shlomo - @GuardzCyber - guardz.com/blog/openclaw-… 2️⃣0️⃣ Red Teaming Agentic Capabilities in NVIDIA NeMo Agent Toolkit - @lakeraai - lakera.ai/blog/red-teami… 2️⃣1️⃣ Exploring the Security Risks of AI Assistants like OpenClaw - Conner McCauley, Kasimir Schulz, Ryan Tracey, Jason Martin - @HiddenLayerSec - hiddenlayer.com/research/explo… 2️⃣2️⃣ OpenClaw or OpenDoor - @stav_c - @zenity_io - labs.zenity.io/p/openclaw-or-… 2️⃣3️⃣ n8n Sandbox Escape Critical Vulnerabilities in n8n Exposes Hundreds of Thousands of Enterprise AI Systems to Complete Takeover - @EilonCohen - @Pillar_sec - pillar.security/blog/n8n-sandb… 2️⃣4️⃣ AI-assisted cloud intrusion achieves admin access in 8 minutes - Alessandro Brucato and Michael Clark - @Sysdig - sysdig.com/blog/ai-assist… 2️⃣5️⃣ DockerDash Two Attack Paths One AI Supply Chain Crisis - Sasi Levi - @NomaSecurity - noma.security/blog/dockerdas… 2️⃣6️⃣ Clawing Out The Skills Marketplace Just Inherited Its First Second-Degree Supply Chain Risk - Yotam Perkal ☄️ and Ehud Melzer - @pluto_security - blog.pluto.security/p/clawing-out-… 2️⃣7️⃣ Auditing Outline Firsthand lessons from comparing manual testing and AI security platforms - @LucaCarettoni - @doyensec - blog.doyensec.com/2026/02/03/out… 2️⃣8️⃣ Seven layers of Prompt Injection protection - @owasp_ai - #seven-layers-of-prompt-injection-protection" target="_blank" rel="nofollow noopener">owaspai.org/docs/2_threats… 2️⃣9️⃣ Why Moltbot formerly Clawdbot May Signal the Next AI Security Crisis - Sailesh Mishra and Sean P. Morgan - @PaloAltoNtwks - paloaltonetworks.com/blog/network-s… 3️⃣0️⃣ From magic to malware How OpenClaw’s agent skills become an attack surface - @jasonmeller - @1Password - 1password.com/blog/from-magi… 3️⃣1️⃣ From Automation to Infection How OpenClaw AI Agent Skills Are Being Weaponized - @bquintero - @VirusTotal - blog.virustotal.com/2026/02/from-a…

@badlogicgames Are there any specific benchmarks to connect compaction cycles to regression of smarts? With claude I see it at ~60%

Codex 5.3 dumb zone still starts around 45% of context.

"We've solved prompt injection." - says your AI native CyberSecurity vendor. No, you haven't. Prompt injection isn't a bug you patch. It's a property of the architecture. The LLM cannot tell the difference between your instructions and an attacker's. That's not a training data problem. I wrote a step-by-step breakdown of how it actually works — lnkd.in/g4w4kShh

Context isn't a graph problem. It's a resource allocation problem. What fits in working memory right now? What do we evict when we're full? How do we maintain coherence across execution contexts? These are operating system questions. And they need operating system answers—not new vocabulary for old concepts. Wrote up my thoughts here: lnkd.in/grACzjFp

We begin the new year at AI Agent SF with a groundbreaking project obviating the key premise of MCP, while working alongside it and making it much easier to build AI skills and avoid MCP platform tax: luma.com/87ipvb38 Join us on January 20th with Dex!

Things can become hard to manage if they OSS the CLI - more slop PRs will pile on - more opinions will begin to surface from the community - more wedges will be formed between community members (leading to eventual forks, clones, replicas, etc) - we've seen this history repeat with hashicorp, kafka, redis, elasticsearch Honestly, at times I am divided when it comes to reasoning between closed and open source these days

Serious question to @claudeai or @bcherny . Why don't you open-source the CLI? The custom system prompts? Your main product is Opus (imo), not the CLI.

@auchenberg @lgrammel Sent you DM.

Where's the TypeScript SDK that enables you to spin up a Claude Code-like agent with context compression, file system, skills and MCPs? (Claude Agent SDK is not it. Terrible DX, and impossible to host) @lgrammel We need you.

Subscribe 📩 gradientflow.substack.com

@steipete My LinkedIn feed is all ClawdBot (most cyber vendors) :) .. All press is good press. Congrats

@badlogicgames I agents begin to browse then the opinion of humans wouldn't matter as much. Websites as MD format will suffice

pi has an even shittier website now. You're welcome. buildwithpi.ai

Cursor is quite an unsustainable product from a consumer, prosumer and enterprise perspective. Good luck if you are in exceedence of your allotted quota as you will land up paying more than a qualified FTE

@badlogicgames @mitsuhiko @badlogicgames I took Pi for a spin .. really liking it

@mitsuhiko Haven't looked, but does this create an all new session, or is it similar to what pi does?

Pi did it first! x.com/thsottiaux/sta…

@obie @bcherny I noticed as well .. the cue is context consumption .. if it rapidly begins to eat , the system auto-switched to opus

Anyone else notice some shenanigans with the model selection in Claude Code 2.1.17 ... all of a sudden I'm using Sonnet 4.5 even though all my sessions are always set to Opus??? C'mon #wtf cc: @bcherny

A very well written post by @codestirring chrisgregori.dev/opinion/code-i…

Don't miss @tech_optimist 's session @ Austin ..

Aiden - they complement each other MCP defines how to communicate Skills define what to communicate MCP is the transport layer (like HTTP) Skills are the capability layer (like REST APIs) You need both. MCP without skills is an empty pipe. Skills without MCP means every agent reinvents integration from scratch.

im probably being an midwit but here goes why do we need MCP if skills exist now?

@zeeg Just dm’d . Please let me know

what if we rebuilt MCP, threw out everything that wasnt stateless HTTP, oauth, and tool definitions? im pretty sure everyone building a harness would opt-in over what it has become. most of the spec seems to be built out of over engineering vs customer demands, and its not implemented anywhere anyways.