Secure Planet Training Courses Updated For 2019 - Click Here

There are new available articles, click to refresh the page.

Before yesterdayYour RSS feeds

/r/netsec - Information Security News & Discussion
Object-capability SQL sandboxing for LLM agents — $1K CTF bounty to break it
January 29^th 2026 at 23:31

Object-capability SQL sandboxing for LLM agents — $1K CTF bounty to break it

By: ／u／ryanrasti

Writeup on a defensive technique for constraining LLM agent database access:

The core idea: instead of detecting bad queries at runtime, make them structurally inexpressible via object-capabilities.
Live CTF: two DB agents guarding bitcoin wallets -- one protected by system prompt (already broken), one by capability layer (~$1K still standing).

Interested in feedback on the threat model. Code is open source.

submitted by /u/ryanrasti
[link] [comments]

🏷️ My labels
- ❌
Article tags
- ❌
- r/netsec
January 29^th 2026 at 23:31