SECURITY
All blog posts, tools, and guides about Security from Developers Digest.
14 resources - 10 posts, 2 tools, 2 guides
Blog Posts
View in blog →
AI Security Scanners Move the Bottleneck to Triage
Anthropic's Project Glasswing update is a useful signal for developer teams: AI can find vulnerability candidates faster than humans can verify, disclose, patch, and ship them.
8 min read
Sandboxed Agents Are Becoming the Team Control Plane
Runtime's Launch HN thread is a useful signal: teams do not just want isolated coding agents. They want a control plane for approvals, secrets, telemetry, review, and merge policy.
8 min read
Agent Skills Are Becoming Package Managers
GitHub trending is full of agent skill registries. The winning pattern is not more prompts. It is dependency governance for the instructions your coding agents inherit.
8 min read
Claude Code Plugin URLs Turn Skills Into a Supply Chain
Claude Code's newer plugin URL and hard-deny controls are small release-note items with a big implication: agent extensions now need supply-chain discipline.
6 min read
TanStack's npm Compromise Is the CI Lesson Agent Teams Needed
The TanStack npm incident was not just a package-security story. It was a reminder that AI agent workflows inherit every weak trust boundary in CI.
9 min read
OpenAI's Codex Mac Certificate Deadline Is a Runbook Test
OpenAI's May 8 macOS certificate rotation for ChatGPT, Codex, Codex CLI, and Atlas is not just a one-off update. It is a useful test of how your team governs AI developer tools.
7 min read
Approval Fatigue Is an Agent Security Bug
Manual approval prompts stop protecting users when coding agents ask too often. The better pattern is risk-aware autonomy: safe defaults, narrow deny rules, and approvals only for meaningful changes.
7 min read
lib0xc Is the Opposite of Rewrite Culture
Microsoft's lib0xc landed on Hacker News with a practical message: safer systems code often means better C APIs, warnings, bounds checks, and incremental adoption, not a heroic rewrite.
8 min read
Codex Security Preview: AppSec Agent for Real Repos
OpenAI's Codex Security agent reviews app code for vulns. Here is what it caught and missed on three real production repos.
10 min read
OpenAI Codex Cloud Security Playbook 2026: Internet Access, Prompt Injection, and Safe Defaults
A practical security playbook for running Codex cloud tasks safely in 2026 using OpenAI docs: internet access controls, domain allowlists, HTTP method limits, and review workflows.
10 min read
Related Tools
All tools →Cloudflare
This SiteCDN, DNS, DDoS protection, and edge computing. Free tier handles most needs. This site uses Cloudflare for DNS and analytics. Workers for edge compute.
InfrastructureGlama
Largest MCP server directory with 17,000+ servers. Security grading (A/B/C/F), compatibility scoring, and install configs. ChatGPT-like UI for browsing and testing.
MCP ToolsGuides
All guides →Claude Code Complete Course
A complete, citation-backed Claude Code course with setup, prompting systems, MCP, CI, security, cost controls, and capstone workflows.
GuideChronicle Research Preview Setup Guide
Set up Codex Chronicle on macOS, manage permissions, and understand privacy, security, and troubleshooting.
GuideKeep exploring Security
- - Cloudflare - recommended Security tool from the Developers Digest directory
- - Tools Directory - dive deeper across the Developers Digest knowledge base
- - All Security articles in the blog archive
- - Developers Digest on YouTube - video tutorials covering Security and more
Get Smarter About AI Dev
New tutorials, open-source projects, and deep dives on coding agents - delivered weekly.
One email per weekReal code, not theoryFree forever
Explore 354 topics
Browse All Topics