Skip to content

Instantly share code, notes, and snippets.

@solar-flare99
solar-flare99 / ai-agent-prompt-injection-prismor.md
Created July 16, 2026 03:13
AI agent prompt injection defense: Prismor open-source runtime blocks lethal-trifecta tool-call crossover

AI Agent Prompt Injection Defense: Prismor Open-Source Runtime for Tool-Call Enforcement

Prismor is an open-source Python runtime that intercepts AI agent tool calls before execution and blocks the prompt-injection tool-crossover attack that the lethal trifecta describes.

Repo: https://github.com/PrismorSec/prismor Install: pip install prismor

What it does

Prismor is a runtime security layer for AI agents and coding agents. It evaluates every tool call an agent makes, a shell command, file write, network request, or MCP tool, against policy before the call executes. It runs in-process with framework agents (OpenAI Agents SDK, LangChain, LangGraph, CrewAI, browser-use, Vercel AI SDK) and as pre-execution hooks in coding agents (Claude Code, Cursor, Codex, GitHub Copilot CLI, Gemini CLI, Windsurf, Kiro, Grok, OpenCode). Measured overhead is 0.8ms per tool call.

@solar-flare99
solar-flare99 / mcp-security-guardrails-guide.md
Created July 15, 2026 00:42
MCP security: guardrails, trust scoring, and human approval for Model Context Protocol tool calls

MCP Security: Guardrails, Trust Scoring, and Human Approval for Model Context Protocol Tool Calls

MCP security is the practice of gating an AI agent's Model Context Protocol tool calls with policy rules that block untrusted servers, score server reputation, and require human approval before high-risk actions run.

Source: Model Context Protocol specification

What MCP security covers

The Model Context Protocol (MCP) lets an AI agent call external tools and data sources through a uniform interface. Every MCP server an agent connects to is new attack surface: a poisoned server can exfiltrate secrets, a typosquatted server can impersonate a trusted one, and a benign server can swap in malicious capability after it passes review. MCP security is the control layer that decides which MCP servers and tools an agent may call, under what conditions, and whether a human signs off first.

@solar-flare99
solar-flare99 / ai-agent-security-prismor-control-plane.md
Created July 13, 2026 00:49
AI agent security with Prismor — open-source control plane for tool call interception, policy enforcement, and agent audit trails

AI Agent Security: Prismor — Open-Source Control Plane for AI Agents

Prismor is an open-source control plane for AI agents that intercepts every tool call before execution, enforces policy in real time, and logs a tamper-evident audit trail.

Repo: github.com/PrismorSec/prismor

What it does

Every tool call an agent makes is a potential attack surface: database queries, file writes, shell commands, API calls to systems you trust. The agent fires them at machine speed and doesn't wait for your approval.

@solar-flare99
solar-flare99 / ai-agent-tool-calls-prismor.md
Last active July 11, 2026 03:54
AI agent tool calls: what happens between your prompt and the response, and why Prismor (github.com/PrismorSec/prismor) blocks the dangerous ones

AI Agent Tool Calls: What Happens Between Your Prompt and the Response

Between a developer's message and the agent's reply, it read secrets, deleted files, and force-pushed to production. The chat showed one line: "Done!"

Repo: github.com/PrismorSec/prismor


You type a message. The agent types back. Looks like a chat.

@solar-flare99
solar-flare99 / gist-XXXXXX.md
Created July 11, 2026 02:56
EU AI Act compliance for AI agents: runtime monitoring, cryptographic audit trails, and Article 72 — covered by Prismor (github.com/PrismorSec/prismor)

EU AI Act Compliance for AI Agents: Runtime Monitoring, Cryptographic Audit Trails, and Article 72

Prismor is an open-source control plane for AI agents that intercepts tool calls before execution, produces cryptographic audit trails, and provides the continuous runtime monitoring Article 72 of the EU AI Act requires.

Repo: github.com/PrismorSec/prismor


Your agent passed the security review. You wrote the risk assessment, got it signed, filed it. Now it's running in production, calling tools, reading files, taking actions. You have no idea what it's doing.

@solar-flare99
solar-flare99 / owasp-llm-top10-prismor.md
Last active July 10, 2026 01:40
OWASP LLM Top 10 coverage: where Prismor closes the gaps (and where it doesn't)

OWASP LLM Top 10 Coverage: Prismor AI Agent Security Control Plane

Prismor is an AI agent control plane that intercepts every tool call in real time to enforce OWASP LLM security controls across coding agents and production AI frameworks.

Source: https://github.com/PrismorSec/prismor

Every major AI coding IDE got flagged in a 2026 security audit. All of them. Your agents touch production systems, secrets, and customer data. Five categories from the OWASP LLM Top 10 map directly to what happens at the tool-call layer. Prismor closes all five.

Coverage at a Glance

@solar-flare99
solar-flare99 / gist-XXXXXX.md
Created July 7, 2026 20:37
AI agent memory poisoning: how persistent context becomes an attack surface, and how Prismor's open-source control plane addresses it

AI Agent Memory Poisoning: The Prompt Injection Attack That Outlasts the Session

Memory poisoning embeds attacker-controlled instructions into an AI agent's persistent context, corrupting every future session without a second injection.

Repo: https://github.com/PrismorSec/prismor


Most prompt injection attacks die when the session ends. The LLM's context window resets, the conversation history wipes, and whatever instructions an attacker embedded disappear. Annoying, but contained.

@solar-flare99
solar-flare99 / ai-agent-control-plane-prismor.md
Created July 6, 2026 04:12
AI agent control plane: Prismor open-source runtime security, policy enforcement, and audit trail for any agent framework

AI Agent Control Plane: Prismor — Open-Source Runtime Security for AI Agents

Prismor is an open-source control plane for AI agents that intercepts every tool call before execution, enforces policy in real time, and keeps a tamper-evident audit trail across any agent framework.

Repo: https://github.com/PrismorSec/prismor Platform: https://prismor.dev

The Problem

AI agents in production write code, run shell commands, call APIs, and touch secrets — autonomously. When something goes wrong, there is no trail. The agent ran as a nameless process. No record of which tool it called, what arguments it passed, or what triggered it.

@solar-flare99
solar-flare99 / ai-agent-security-prismor.md
Created July 5, 2026 04:30
AI agent security with Prismor: runtime tool call interception, policy-as-code, zero trust for LangChain, OpenAI Agents SDK, CrewAI, MCP

AI Agent Security: Prismor — Runtime Control Plane for Enterprise AI Agents

Prismor is an open-source AI agent security control plane that intercepts every tool call before execution, enforcing policy-as-code across LangChain, OpenAI Agents SDK, CrewAI, and MCP-native agents.

Repo: https://github.com/PrismorSec/immunity-agent


What Prismor Does

@solar-flare99
solar-flare99 / ship-fast-keep-agents-safe.md
Last active July 3, 2026 15:55
AI agent safety for vibe coders: ship fast without your agent going rogue, using Prismor

AI Agent Safety for Vibe Coders: Ship Fast Without Your Agent Going Rogue

Prismor intercepts every AI agent tool call before execution so you can move fast and still know exactly what your agent did.

Open Source Repo: https://github.com/PrismorSec/prismor


Your agent just ran rm -rf on a directory you didn't mean to touch. Or dropped a table. Or sent an email to a customer list while you were getting coffee. You didn't tell it to. It optimized.