https://inkog.io/labs Security research, technical deep-dives, and insights on AI agent security from the Inkog team. en-us Tue, 21 Apr 2026 00:00:00 GMT Tue, 05 May 2026 09:07:29 GMT https://inkog.io/labs/vercel-breach-ai-supply-chain https://inkog.io/labs/vercel-breach-ai-supply-chain Tue, 21 Apr 2026 00:00:00 GMT A compromised AI tool called Context.ai gave attackers access to Vercel customer credentials through a single OAuth grant. Full attack chain, timeline, and response checklists for developers, security teams, and CISOs. hello@inkog.io (Ben) security https://inkog.io/labs/561-repos-ai-agent-security https://inkog.io/labs/561-repos-ai-agent-security Fri, 10 Apr 2026 00:00:00 GMT We scanned 561 open-source AI agent repositories, drove the false-positive rate to zero, and opened a disclosure pipeline. Here is what we learned — methodology, top patterns, and the raw numbers. hello@inkog.io (Inkog Team) research https://inkog.io/labs/building-secure-agents-with-claude-code https://inkog.io/labs/building-secure-agents-with-claude-code Fri, 10 Apr 2026 00:00:00 GMT A walkthrough of the dev-flow security loop: build an agent in Claude Code, scan it with the Inkog MCP, explain and fix findings in the same conversation. hello@inkog.io (Inkog Team) best-practices https://inkog.io/labs/crewai-multi-agent-authentication https://inkog.io/labs/crewai-multi-agent-authentication Wed, 08 Apr 2026 00:00:00 GMT We analyzed CrewAI's delegation system and found unsigned agent-to-agent communication. Here's why multi-agent workflows need message authentication. hello@inkog.io (Inkog Team) vulnerabilities https://inkog.io/labs/ai-agent-security-gap-2026 https://inkog.io/labs/ai-agent-security-gap-2026 Fri, 03 Apr 2026 00:00:00 GMT We scanned 500+ open-source AI agent repositories for security vulnerabilities. The results reveal a systemic gap between AI agent adoption and AI agent security. hello@inkog.io (Inkog Team) research https://inkog.io/labs/promptfoo-alternative-for-ai-agent-security https://inkog.io/labs/promptfoo-alternative-for-ai-agent-security Tue, 10 Mar 2026 00:00:00 GMT OpenAI acquired Promptfoo. What changes for teams that need vendor-independent AI agent security, and how static analysis fills the gaps eval frameworks leave open. hello@inkog.io (Inkog Team) security https://inkog.io/labs/introducing-inkog-deep https://inkog.io/labs/introducing-inkog-deep Sun, 08 Mar 2026 00:00:00 GMT Inkog Deep goes beyond pattern matching — it understands your agent's purpose, maps its architecture, and explains why findings matter. hello@inkog.io (Inkog Team) security https://inkog.io/labs/eu-ai-act-agent-compliance-checklist https://inkog.io/labs/eu-ai-act-agent-compliance-checklist Sat, 28 Feb 2026 00:00:00 GMT The EU AI Act enforcement begins August 2, 2026. A practical checklist covering Article 14 (Human Oversight), Article 15 (Robustness), risk classification, and automated compliance monitoring with GitHub Actions. hello@inkog.io (Ben) compliance https://inkog.io/labs/why-ai-code-review-is-not-security-scanning https://inkog.io/labs/why-ai-code-review-is-not-security-scanning Sat, 28 Feb 2026 00:00:00 GMT Claude, Copilot, and Cursor are great at reviewing code — but they are not security scanners. Six gaps between AI code review and automated security scanning for AI agents. hello@inkog.io (Inkog Team) security https://inkog.io/labs/nist-ai-agent-standards-initiative https://inkog.io/labs/nist-ai-agent-standards-initiative Sun, 22 Feb 2026 00:00:00 GMT NIST announced the AI Agent Standards Initiative on February 18, 2026 — the first US federal effort targeting AI agent governance. Key deadlines, pillars, and how to prepare. hello@inkog.io (Ben) compliance https://inkog.io/labs/prompt-injection-defense-patterns https://inkog.io/labs/prompt-injection-defense-patterns Sat, 07 Dec 2024 00:00:00 GMT A practical guide to detecting and preventing prompt injection attacks in LLM-powered applications, with code examples and YAML rules. hello@inkog.io (Inkog Team) security