AI Security Guide and Risk Assessment Tool - https://www.rand.org/pubs/tools/TLA4174-1/ai-security/guide.html by RAND

This guide is a practical, risk-based resource for developers, security experts, and policy professionals navigating the AI security landscape.⁠1 The guide addresses security of AI systems broadly, including machine learning (ML) models and other AI-enabled architectures. Certain sections, such as the threat landscape and model weight protection sections, focus more specifically on statistical, ML-based models. Building on industry best practices and expert insights, the guide helps you understand and manage the security risks associated with AI systems across their lifecycle—from design and development to deployment and operation.

secureclaw - Automated security hardening for OpenClaw AI agents - https://github.com/adversa-ai/secureclaw

51 audit checks. 12 behavioral rules. 9 scripts. 4 pattern databases. Full OWASP ASI Top 10 coverage.

SecureClaw audits your OpenClaw installation for misconfigurations and known vulnerabilities, applies automated hardening fixes, and gives your agent behavioral security rules that protect against prompt injection, credential theft, supply chain attacks, and privacy leaks.

What Problem Does SecureClaw Solve?

AI agents with access to your files, credentials, email, and the internet are a fundamentally different security surface than traditional software. An agent that can read your .env file and send HTTP requests can exfiltrate your API keys in a single tool call. An agent that trusts instructions embedded in a web page or email can be hijacked to act against your interests.

SecureClaw addresses this by operating on three layers:

Layer 1 - Audit. 51 automated checks across 8 categories scan your OpenClaw installation for known misconfigurations: exposed gateway ports, weak file permissions, missing authentication, plaintext credentials outside .env, disabled sandboxing, and more.

Layer 2 -Hardening. Automated fixes for the most critical findings: binding the gateway to localhost, locking down file permissions, adding privacy and injection-awareness directives to your agent's core identity file, and creating cryptographic baselines for tamper detection.

Layer 3 - Behavioral rules. 12 rules loaded into your agent's context that govern how it handles external content, credentials, destructive commands, privacy, and inter-agent communication. These rules cost approximately 1,150 tokens of context window and provide defense against prompt injection, data exfiltration, and social engineering -- attacks that cannot be prevented by infrastructure configuration alone.

nanoclaw - A lightweight alternative to Clawdbot / OpenClaw that runs in containers for security. Connects to WhatsApp, has memory, scheduled jobs, and runs directly on Anthropic's Agents SDK - https://github.com/qwibitai/nanoclaw

Сам отчёт.

https://softwareanalyst.substack.com/p/emerging-agentic-identity-access

Что-то мы давно не смотрели на рынок. Надо посмотреть