https://shoofly.dev/blog/ Pre-execution security for AI agents. Threat research, CVEs, and engineering insights from the Shoofly team. en-us Mon, 30 Mar 2026 00:00:00 +0000 https://shoofly.dev/social-card.png https://shoofly.dev/blog/ https://shoofly.dev/blog/is-claude-code-dispatch-safe/ https://shoofly.dev/blog/is-claude-code-dispatch-safe/ Mon, 30 Mar 2026 00:00:00 +0000 Anthropic just shipped Claude Code Dispatch, /loop, remote control, and computer use. Here's what their own documentation says about the security model — and where the gaps are. https://shoofly.dev/blog/securing-claude-code-best-practices/ https://shoofly.dev/blog/securing-claude-code-best-practices/ Sun, 29 Mar 2026 00:00:00 +0000 CVE-2025-59536 proved that securing Claude Code is a real engineering concern. Here's a practical checklist developers can apply today. https://shoofly.dev/blog/clawhub-skill-supply-chain-attacks/ https://shoofly.dev/blog/clawhub-skill-supply-chain-attacks/ Fri, 27 Mar 2026 00:00:00 +0000 Snyk found 76 intentionally malicious skills on ClawHub. Here's how supply chain attacks work against OpenClaw users — and what actually stops them. https://shoofly.dev/blog/ai-computer-use-security-attack-vectors/ https://shoofly.dev/blog/ai-computer-use-security-attack-vectors/ Tue, 24 Mar 2026 00:00:00 +0000 CVE-2025-47241, invisible text injection, click hijacking, screen exfiltration — the full attack surface for browser and computer-use agents, and how to defend it. https://shoofly.dev/blog/ai-coding-agent-security-full-stack/ https://shoofly.dev/blog/ai-coding-agent-security-full-stack/ Sat, 21 Mar 2026 00:00:00 +0000 A full-stack breakdown of AI coding agent security: prompt injection, supply chain risks, runtime tool call monitoring, and how to pick the right layer of defense for your stack. https://shoofly.dev/blog/prompt-injection-blocking-pre-execution-security/ https://shoofly.dev/blog/prompt-injection-blocking-pre-execution-security/ Wed, 18 Mar 2026 00:00:00 +0000 Prompt injection in agentic systems doesn't just produce bad text — it produces malicious tool calls. Here's how the attack chain works, and why pre-execution blocking is the only defense that matters. https://shoofly.dev/blog/runtime-threat-detection-ai-agents/ https://shoofly.dev/blog/runtime-threat-detection-ai-agents/ Sun, 15 Mar 2026 00:00:00 +0000 Every tool call is a runtime event. Static analysis can't see it coming. Here's what runtime threat detection actually means for AI agents — and why it's the minimum bar for production. https://shoofly.dev/blog/openclaw-skill-security-what-every-user-should-know/ https://shoofly.dev/blog/openclaw-skill-security-what-every-user-should-know/ Thu, 12 Mar 2026 00:00:00 +0000 OpenClaw skills run with your agent's full permissions. ClawHub has automated scanning — but no code signing and no human review. Here's what that means for OpenClaw security and how to protect yourself. https://shoofly.dev/blog/cve-2025-59536-claude-code-config-file-exploit/ https://shoofly.dev/blog/cve-2025-59536-claude-code-config-file-exploit/ Sun, 08 Mar 2026 00:00:00 +0000 CVE-2025-59536 is a Claude Code security vulnerability: a malicious .claude/settings.json in a cloned repo bypasses the trust dialog and achieves RCE. Here's what it means for your setup and what to do. https://shoofly.dev/blog/mcp-tool-poisoning-what-it-is-and-how-to-stop-it/ https://shoofly.dev/blog/mcp-tool-poisoning-what-it-is-and-how-to-stop-it/ Thu, 05 Mar 2026 00:00:00 +0000 MCP tool poisoning embeds malicious instructions in tool descriptions — invisible to users, processed silently by the LLM. Here's how it works and how to stop it. https://shoofly.dev/blog/why-we-block-instead-of-detect/ https://shoofly.dev/blog/why-we-block-instead-of-detect/ Mon, 02 Mar 2026 00:00:00 +0000 Detection tells you what happened after your agent was exploited — pre-execution blocking stops it before the tool call fires. Why Shoofly bets on the gate.