Adversa AI Releases Open-Source Security Tool for AI Agents

Adversa AI launched SecureClaw, an open-source security platform for the OpenClaw AI agent framework. The release provides an OWASP-aligned security plugin and skill for personal AI agents. The announcement coincides with OpenAI's expanded investment in the field, highlighting a growing need for purpose-built security in autonomous AI systems.

- Adversa AI, the company behind SecureClaw, specializes in "AI Red Teaming," the practice of simulating attacks on AI systems to find vulnerabilities before an attacker does. It reports that a significant share of real-world AI security incidents, 35.3%, were caused by simple prompt-based exploits, the class of attack SecureClaw aims to block. The company has also been recognized by Gartner for its work on securing generative AI.
- The OpenClaw framework is designed to let AI agents act autonomously rather than merely answer prompts. An agent can connect to messaging apps such as Slack and Telegram, read and write files, and call APIs to complete tasks without a human approving each step. This "excessive agency" is listed as a top risk in the OWASP (Open Worldwide Application Security Project) Top 10 for LLM Applications.
- SecureClaw's alignment with OWASP guidance targets specific, high-priority LLM weaknesses. These include "prompt injection," where an attacker crafts input (a message, a document, a web page the agent reads) that manipulates the agent's actions, and "insecure output handling," where model output is passed unvalidated to downstream components such as a shell, a database or a browser and can expose or compromise backend systems.
- The demand for such tools is driven by the rapid, often unmanaged, adoption of AI agents by employees. A late-2025 Gartner survey found that 57% of employees use personal GenAI accounts for work, and a third admitted to entering sensitive corporate data into these unapproved tools.
- For creative studios, these weaknesses pose tangible risks to intellectual property. Insecure AI workflows could leak sensitive material such as unreleased character designs or scripts. Furthermore, works generated entirely by AI are generally not eligible for copyright protection, so a competitor could legally copy a character or concept that an unsecured AI tool produced.
- The challenge grows as studios adopt multiple, interconnected AI agents from different vendors. This creates "credential sprawl" and over-privileged access, where one compromised agent becomes an entry point to sensitive data across the studio's entire production pipeline.
- Other companies are entering the AI agent security space, signalling a growing market. Teleport recently launched an "Agentic Identity Framework" to govern how AI agents access sensitive systems, and Cisco introduced "agentic guardrails" to prevent hijacking of the tools connected to AI agents.

Shared from Scout - Be the smartest in the room.