Security Trust
Writing filed under Security Trust.
Winning the Opir Challenge by testing the edges
Codex sandboxing is the agent story I care about
AI spend caps belong in product design
As AI platforms added spend controls, it became clearer that budgets are part of user experience.
Dependencies are part of the threat model
Package choices affect security, maintenance, performance, and how quickly a team can patch.
Audit logs should answer human questions
Codex GA made agent admin a real job
Secret scans are cheap compared to rotating keys
A secret scanner is boring right up until it saves a weekend.
Input validation is product design
Validation rules are defensive code, but they also describe what the product accepts as real.