Back to News
Advertisement
ppberlizov about 11 hours ago 0 commentsRead Article on github.com

FR version is available. Content is displayed in original English for accuracy.

AI agents are starting to get real access like GitHub tokens, cloud credentials, customer data, deploy permissions. Not coincidentally, the rate of major cybersecurity incidents is rising rapidly. See for yourself: https://epoch.ai/data/cve?view=graph https://genai.owasp.org/resource/state-of-agentic-ai-securit... My friend and I, both AI researchers, are working on fixing this through an open-source project we've just started called Clay Seal.

We've started with a simple version of Identity: an open-source way to issue short-lived, verifiable identities to AI agents. We're working on several experimental components, including runtime query-based capability scoping for agents, followed by AML-inspired suspicious behavior detection, to replace the antiquated system of static sandboxes most AI tools run on. These tools will enable you to protect yourself from many classes of attacks and are, based on our testing, performing quite well on public benchmarks (which we'll publish soon when we release them!).

Each agent run gets a short-lived credential with its own identity. Services can verify who the agent is, who started it, when the credential expires, and whether the token is bound to the agent instead of being a reusable bearer secret. If you're interested in trying it, we just released it on GitHub here: https://github.com/clayseal/clayseal-identity. If you're interested in trying out the experimental components before we release them, please take a look at https://clayseal.com/.

This is the very first version of the system, and we're working on improving it every day. If you have suggestions, ideas, an interest in contributing, or potential systems/CVE classes you think we should know about, reach out! And feel free to star if you'd like to try it out or just see us develop it.

Advertisement

Discussion (0 Comments)Read Original on HackerNews

No comments available or they could not be loaded.