AI SECURITY RESEARCH

Learn. Break. Build. Defend.

Track AI security shifts, expose agent risks, and stop risky releases.

Prompt Injection, Agent Abuse, RAG Poisoning, Tool Calling, OpenClaw Exposure

Research: exploit paths and defensive breakdowns teams can act on
Evidence: public watchboards for exposed agent targets
Control: policy, scanning, and release gates in one plane

HOW IT WORKS

From exploit path to release decision

AIPwn connects research that explains AI and agent attack paths, watchboards that prove exposure, and release controls that stop risky changes from shipping.

RESEARCH

Real exploit paths, not AI security hot takes

We break down prompt injection, tool abuse, secret leaks, and exposed agent endpoints into concrete attack chains teams can actually fix.


WATCHBOARDS

Public evidence that exposure is real

OpenClaw turns findings into visible watchboards so teams can verify what is exposed, where it is reachable, and how risk changes over time.


PRODUCT

Release gates tied to real findings

ClawPlane uses the same evidence in policy, CI, and deploy decisions so risky changes do not quietly ship.


PRODUCTS

What we are building

One stack for teams that need research, scanning, and release control across AI systems and agents.

AIPwn Newsletter

AI security briefings with real attack chains, agent exploits, defensive breakdowns, and high-signal industry shifts.

Live

ClawPlane

Policy, scanning, and release gates for AI systems and agent workflows in one control plane.

Alpha

ClawScan

Evidence-first scanning for repos, skills, MCP servers, and exposed OpenClaw targets.

Live Surface

ClawGate

Diff-aware PR, CI, and deploy gates that block risky changes with evidence instead of guesswork.

Alpha

COVERAGE

What we detect across AI systems and agent surfaces

Our detection surface covers prompt exploits, model and tool abuse, leaked secrets, and public exposure.

Current detection areas

Prompt Injection

Instruction override, hidden tool abuse, indirect prompt poisoning, and unsafe retrieval flows.

Tool Abuse And Runtime Risk

Shell execution, downloader chains, unsafe subprocess usage, and overly broad permissions.

Secret Exposure

Leaked API keys, tokens in repos, unsafe logs, and public config artifacts.

Public Endpoint Exposure

OpenClaw services exposed without authentication, publicly reachable docs/openapi endpoints, and externally reachable risky interfaces.

Do not ship blind

Start with the newsletter, then bring the same evidence into ClawPlane when releases need policy, scanning, and gate control.