Security blog

AI security notes and shipped PRs.

Short notes from OSS security work, followed by the pull requests that shipped.

Read latest post

Merged PRs

Recent security work

Full PR list →

2026-05-05 · gadievron/raptor #308 ci: run libexec wrapper tests 2026-05-02 · OWASP/APTS #47 docs: add autonomy downgrade matrix template 2026-05-02 · gadievron/raptor #257 feat(project): add coverage threshold gate 2026-05-02 · gadievron/raptor #256 feat(project): add grouped Markdown findings export 2026-05-02 · bytedance/deer-flow #2623 [security] fix(upload): reject symlinked upload destinations 2026-05-01 · OWASP/APTS #46 docs: add shift handoff template appendix 2026-05-01 · HKUDS/nanobot #3569 [security] fix(dingtalk): block SSRF in outbound media fetches 2026-05-01 · qwibitai/nanoclaw #2001 [security] fix(container): prevent host file read/delete via container-controlled outbox paths 2026-04-30 · bytedance/deer-flow #2633 [security] fix(sandbox): bind local Docker ports to loopback 2026-04-29 · HKUDS/OpenHarness #209 [security] test(gateway): cover bridge spawn repro path 2026-04-28 · OWASP/APTS #42 docs: add authority delegation matrix template 2026-04-28 · labring/FastGPT #6826 [security] fix(app): validate stored MCP tool URLs

Blog

Latest posts

May 5, 2026 CI coverage is part of the evidence boundary May 4, 2026 Reference integrity is an evidence boundary May 3, 2026 LLM candidates need explicit evidence contracts May 2, 2026 Upload writes and evidence gates need sink-side proof May 1, 2026 Sinks are where trust boundaries become real