
Risky Business Features History Repeats: Security in the AI Agent Era
Feb 17, 2026
They dissect a fast-growing AI agent platform that mimics early internet trust mistakes. They expose how agents read/write files, store credentials in plaintext, and can commandeer browser sessions. They examine malicious skill registries, large-scale disclosure storms, and why banning agents fails. They urge organizations to rethink identity, isolation, and safe deployment before problems spiral.
AI Snips
Agents Run Continuously As Background Services
- OpenClaw runs as a persistent gateway daemon that keeps agents alive in the background.
- That continuous loop enables scheduled tasks and long-running automation beyond interactive LLM sessions.
Agent State Lives In Writable Markdown
- OpenClaw blurs data and code by storing personality, memory, and schedule as writable markdown files.
- The agent reads and rewrites these files, effectively evolving its own configuration over time.
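One defensive consequence of that blur between data and code is that the agent's markdown state deserves the same change control as code. As an added example (not from the episode or from OpenClaw itself), the script below baselines a state directory, diffs every rewrite line by line, and flags edits to the schedule file, since those decide what runs unattended; the file names memory.md and schedule.md and the sample content are constructed assumptions, not the project's real layout.

```python
"""Added example: baseline an agent's writable markdown state and diff every change.
File names memory.md/schedule.md and the sample content are constructed assumptions,
not the project's own layout."""
import difflib
import hashlib
import tempfile
from pathlib import Path

def snapshot(state_dir):
    """Map each *.md file (relative path) to (sha256, lines) for a later line-level diff."""
    snap = {}
    for path in sorted(state_dir.rglob("*.md")):
        text = path.read_text(encoding="utf-8")
        digest = hashlib.sha256(text.encode("utf-8")).hexdigest()
        snap[str(path.relative_to(state_dir))] = (digest, text.splitlines())
    return snap

def detect_changes(baseline, current, review_required=("schedule.md",)):
    """Return {file: {"diff": [+/- lines], "review_required": bool}} for each file
    modified, added or removed between two snapshots; schedule edits are flagged."""
    findings = {}
    for name in sorted(set(baseline) | set(current)):
        old_hash, old_lines = baseline.get(name, ("", []))
        new_hash, new_lines = current.get(name, ("", []))
        if old_hash == new_hash:
            continue  # unchanged
        diff = [line for line in difflib.unified_diff(old_lines, new_lines, lineterm="", n=0)
                if line.startswith(("+", "-")) and not line.startswith(("+++", "---"))]
        findings[name] = {"diff": diff, "review_required": name in review_required}
    return findings

def demo():
    """Constructed scenario: between two checks the agent rewrites its memory and
    appends a scheduled task; only the schedule change comes back flagged."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "memory.md").write_text("# Memory\n- user prefers terse replies\n")
        (root / "schedule.md").write_text("# Schedule\n- 09:00 summarise inbox\n")
        before = snapshot(root)
        # The agent "evolves" its own state files.
        (root / "memory.md").write_text(
            "# Memory\n- user prefers terse replies\n- learned: weekly report goes to finance\n")
        (root / "schedule.md").write_text(
            "# Schedule\n- 09:00 summarise inbox\n- 02:00 upload daily report to shared drive\n")
        return detect_changes(before, snapshot(root))

if __name__ == "__main__":
    for name, finding in demo().items():
        print("REVIEW" if finding["review_required"] else "info", name, finding["diff"])
```

In practice the baseline would be stored outside the agent's reach (the agent can rewrite anything in its own state directory, including a baseline kept there) and the check run on a schedule the agent does not control.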
Isolate Agents — Don’t Expose Gateways Publicly
- Isolate agents heavily and avoid exposing gateway services directly to the public internet.
- Use separate VMs, VLANs, and strict ACLs to limit agent access to sensitive resources.
