Unsurprisingly, the best defense right now for most people is the same as it's always been: patch your stuff, and keep it up to date.
The basics aren't sexy, but they work.
Know the ledge before you step to it. Some things never change.
Posts by omkhar
Having spent time with both, I can tell you the biggest security vulnerability they've exposed isn't technical.
It's people who haven't touched either one confidently telling you what it all means.
"Do you know the ledge?" Rakim - Long Island 0-day Researcher
The last 10 days, everyone's had an opinion on Mythos and GPT 5.4-Cyber.
It works. But it's not done yet, and I'd rather build what YOU need than guess.
The roadmap is open. Go add to it:
github.com/omkhar/workcell/blob/main/ROADMAP.md
What would make Workcell indispensable for you?
Pull requests are welcome!
Most security tools slow you down. Most fast tools ignore security.
We wanted both. So we built Workcell.
It started with a few co-conspirators asking:
"How do we vibe code at yolo speed and not get owned?"
Happy tax day to all those who observe :lolsob:
Agent on agent violence has been requested 🤣
Try it. Break it. Tell me what holds up.
Patches welcome.
#cybersecurity #codingagents #security #opensource
Coding agents are powerful. They’re also one bad boundary away from self-compromising your machine.
I wanted the speed of “YOLO mode” without giving up isolation, so I built Workcell.
With a lot of help from Codex, Claude, Gemini, and Rick, it’s now out:
github.com/omkhar/workc...
Eventually, we’ll be in a much better state. The messy middle is going to be painful.
Job security!!!
A few years ago, when I was working at @openssf.org , we partnered with @darpa.mil on the AI Cyber Challenge.
Yesterday's news from @anthropic.com about Mythos and Glasswing both highlight the opportunity that we saw, and the primary reason we were so focused on securing open source software.
I thought we agreed that move fast + break things was passe?
🤣
My concern is that when writing code was the constraint, ideas were pressure tested better.
Now all kinds of crap gets built that wouldn’t have before.
* Spend less time on code production, more on architecture, evals, and review
* Treat observability, rollback, and correctness as part of the product
Same game. Different scoreboard. How are you adapting to the new economics of building?
#softwareengineering #code #ai #agents #codex #claude #gemini
So the engineering model has to change too:
* Optimize for learning velocity, not backlog pressure
* Use smaller, high-context teams with clear ownership - reduce fractal communication complexity
Now the cost of producing code has collapsed. The bottleneck has moved upstream to clarity, taste, systems thinking, verification, and operational discipline. Or, said differently: everyone can ship faster, including people shipping crap.
For years, engineering organizations were built around one constraint: implementation was expensive, so every idea had to survive layers of prioritization before anyone wrote a line of code.
AI changed that.
"Code Rules Everything Around Me, CREAM" - Method Man, Chief AI Scientist, Wu-Tang Clan
Code got cheaper. Engineering didn’t.
What if we focused on more deterministic testing to ensure our invariants aren't violated? Is that a good balance?
Hard to do at scale (10s of thousands of people), suggestions?
Some repos which AI agents and I worked on:
Reset USB, a program which resets all the devices on the USB bus in Linux github.com/omkhar/reset...
DNS Update, a program which updates A and/or AAAA records based on your current public IP(s). github.com/omkhar/dns-u...
So, keep your eyes peeled, because:
"Sleep is the cousin of death."
— Nas, Chief AI Vigilance Officer, Queensbridge (Illmatic, 1994)
I don't have all the answers. And to any vendor about to drop a "turnkey solution" in my comments, I assure you: neither do you. Fair warning ahead of RSAC, sorry I won't be there.
How do you secure your LLM supply chain, and what will you do when they're compromised?
How would you know if an agent made an "enterprising" decision that introduced a vulnerability?
How are you monitoring what your AI agents do on developer endpoints and separating signal from noise?
So I'll ask what most vendors aren't:
And if the bad guys compromise your AI provider? Are they surveilling training data, or intentionally shaping outputs?
3. The supply chain problem just got recursive.
We spent years hardening software supply chains. Now we're injecting code from models trained on data we don't fully understand, via pipelines we don't fully control, into systems we absolutely must protect.