OAuth AI News List | Blockchain.News

List of AI News about OAuth

Time Details
2026-04-07 15:42
AI Agent Security Analysis: How Composio Blocks Prompt Injection From Exposing API Keys

According to @godofprompt on X, prompt injection can exfiltrate credentials even when supply chain attacks get the headlines, and @composio claims its approach keeps API keys out of the agent’s context window entirely, limiting blast radius during a breach. As reported by @KaranVaidya6, typical agent setups over-permission Gmail, Calendar, Slack, Notion, and GitHub via broad OAuth scopes, creating high-value attack paths for injected prompts. According to composio.dev/protection, Composio brokers secure tool access without exposing raw credentials to the model, relying on scoped, revocable tokens and policy controls so agents invoke actions through a middleware layer rather than handling secrets directly. For AI teams, the business impact is reduced credential leakage, faster compliance reviews, and lower incident response overhead by centralizing permissions and audit logs, as stated by Composio’s product page. According to the cited posts, the practical takeaway is to remove API keys from model inputs, enforce least-privilege OAuth scopes, and route all tool calls through a controlled execution layer to withstand prompt injection.

2026-02-06 08:45
Latest Analysis: Credential Harvester tcoredirecting.com Targets Twitter OAuth Tokens with Zero Prior Reporting

According to @galnagli on Twitter, a credential harvester operating at tcoredirecting.com/tc2 has been active since November 2025, yet had no public reporting until now. The harvester specifically targets Twitter users by stealing their OAuth tokens before redirecting them to a legitimate Calendly link, disguising the malicious activity. This incident highlights significant security risks for platforms using OAuth and underscores the need for improved threat detection and user education in AI-driven authentication systems, as reported by @galnagli.

2026-02-06 08:45
Latest Analysis: Openclaw MacBook Mini Agent Automates Malicious OAuth Detection on Discord

According to @galnagli on Twitter, @iangcarroll's @openclaw MacBook mini agent, hosted on a shared Discord channel, demonstrated advanced automation capabilities by conducting comprehensive security research within minutes. The agent dumped full HTML content, identified a malicious OAuth flow, discovered a credential harvester domain, pulled URLScan history, and traced domain registration. As reported by @galnagli, these features highlight the practical application of AI-powered agents in rapid threat analysis and cyber defense, presenting new business opportunities for organizations seeking automated security solutions.
