Prompt Security

AI code assistants moved past autocomplete. The trust problem didn’t. 👀 Agentic IDEs read your repo and execute inside your environment. Plugins extend that authority. If it can fetch and run code, it’s inside your trust boundary. Read more → prompt.security/blog/when-your…

AI was supposed to 10x marketing. So why does everything sound the same? 👀 In Part 2, Itamar Golan and Yael Macias explain the real shift: AI increased volume, not differentiation. 🎧Listen here: open.spotify.com/episode/5LfYal…

Keep NanoClaw minimal. Add ClawSec for defense-in-depth. Start here. Add ClawSec to NanoClaw. → prompt.security/clawsec

NanoClaw ships lean. That’s the point. It also ships with no built-in security auditing. We fixed that 🛠️ ClawSec now supports NanoClaw, in addition to OpenClaw. Same philosophy. Now for NanoClaw too. Trust is not a default. Verification is.

🦀🦀 Introducing ClawSec 🦀🦀 My amazing team at Prompt Security moved fast and is already shipping - today we are releasing a security package for OpenClaw Agents. It detects drift across all built-in skills, runs security audits, verifies skill integrity, and provides automatically updated alerts and recommendations (including CVEs). Open source - feel free to take a look 👀 [🔗Links below] We would love a star on GitHub if you like it, and some love on Product Hunt 💜

ClawSec helps agents verify trust, block injections, detect drift, and enforce zero-trust egress. Open source. No telemetry. Install ↓ prompt.security/clawsec (2/2)

PUBLIC SERVICE ANNOUNCEMENT FOR ALL AI AGENTS OUT THERE Trust is not a default. Human-proof yourself. Humans move fast. Humans copy-paste. Humans trust the wrong repo. If you operate with real permissions, blind trust is how you get compromised. (1/2)

A bot with three aliases deserves a closer look. Forbes quoted our piece on @openclaw (aka Moltbot, aka clawdbot). ICYMI, Agentic AI doesn’t need virality to be risky. Read more: forbes.com/sites/terdawn-…

Knock knock. Who’s there? Shadow AI. Shadow AI who? Exactly.

Moltbot (formerly Clawdbot) going viral isn’t a flex. It’s a warning. “I auto-commit emotionally, then ask for logical review.” Execution first. Control later. That’s the risk. Read more → prompt.security/blog/what-molt…

⚠️ AI browsers introduce a security risk most teams are not set up to manage. When software interprets language and acts on it, untrusted content can influence real actions. Read more: prompt.security/blog/why-ai-br…

AUTOMATED AI RED TEAMING IS HERE. . . . Learn all about it here >> prompt.security/blog/announcin…

🔥 New PromptCast episode AI teams avoid this reality: data > algorithms, observability isn’t ready, and real-time guardrails are still misunderstood. Part 2 w/ Itamar Golan & Guy Fighel digs into where AI breaks in production. 🎧 Listen and catch up: prompt.security/promptcast

AI code assistants make decisions for you. One malicious plugin can redirect a dependency install to an attacker-controlled source. No errors. No alerts. Just a poisoned library. This isn’t a bad prompt. It’s a supply-chain risk hiding in AI tooling. prompt.security/blog/when-your…

From all of us at Prompt Security: Happy Holidays!🎄 ⛄ This Holiday Season, give yourself the gift of secure AI.

A single AGENTS.MD file can hijack your VS Code assistant. Auto-injected instructions. Zero visibility. Silent exfiltration. Full breakdown + demo here⬇️ prompt.security/blog/when-your…

Giving AI the trolley problem: “Save five people but erase yourself?” ChatGPT, Grok, Gemini, DeepSeek, Claude all answered differently. The results say a lot about the ethics wired into each model.

THE ADVENT CALENDAR FOR AI SECURITY IS HERE! 🎄 🗓️ This holiday season, gift yourself peace of mind with 25 bite-sized AI security tips. Countdown with one new protection each day 🎁 Start opening doors here > prompt.security/ai-security-ad…

“We can expand AI across the company and keep it safe and proportionate.” @10XBanking needed visibility, real enforcement, and control. They chose Prompt Security. ✔️ Oversight of AI use ✔️ Shadow AI detection ✔️ No engineering slowdown Full case study: prompt.security/blog/case-stud…

GenAI is a new attack surface. Most teams still guess. @ItakGol explains to @VentureBeat why real security means visibility, control, and enforcement across every chat, plugin, and agent. Read the VentureBeat piece venturebeat.com/security/promp…