Persistent Memory Files make agents powerful — and vulnerable. These articles explain how the attack works and how you defuse it.
How ClawHub & Co. become a supply chain — one command, third-party instructions running with full privileges inside your agent's memory.
Incident: The real ClawHub supply-chain attack — typosquatting, disguised malware, credential theft. And what it teaches us about marketplaces.
Attack: When the tool description itself is the attack: MCP, prompt injection and the supply chain in Claude Code.
CI/CD: How attackers hijack CI/CD — without changing a single line of app code. OWASP CICD-SEC-4, Megalodon, TanStack.
Supply Chain: Shai-Hulud, Miasma & co.: self-propagating malware that hijacks runners and harvests secrets.
Synthesis: Autonomous agents in pipelines create a new persistence layer — if their memory gets poisoned.
Fundamentals: How an agent's persistent Memory Files become an entry point — and which defense actually holds up.
Attack: The path from a harmless web page to a permanent instruction in your agent's Memory Files — step by step.
Design: The principle behind PoisonZero: block when in doubt instead of waving through — and why “fail-open” is dangerous for autonomous agents.
PoisonZero is free. Create an app in the panel and protect your first files in under a minute.
Try 14 days free