Insights on agentic security, credential delegation, and building AI systems that humans can trust.
OpenClaw has seen tremendous success — and we love how it unleashes the real power of AI agents. Here's how Keychains.dev helps the community keep credentials safe with a simple two-step setup.
Researchers extracted 2,702 hard-coded credentials from GitHub Copilot using crafted prompts. The implications for AI agents go far beyond code completion.
48% of MCP servers implement insecure credential storage. OWASP ranks token mismanagement as the #1 MCP vulnerability. The agentic infrastructure has a fundamental security problem.
The fundamental problem with how agents handle credentials today, and why the solution isn't better vaults — it's removing credentials from the agent entirely.
Two critical CVEs in LangChain enabled API key disclosure and environment variable extraction through prompt injection. Both share the same root cause.
As AI agents proliferate, we're building a web of autonomous actors with no accountability framework. The consequences are already showing.