YC posts two new tools
Y Combinator highlighted two recent projects: Silmaril, a self-healing prompt-defence system claiming improved detection, and Arga Labs, which offers end-to-end AI testing in PR sandboxes.
Y Combinator this week spotlighted two young companies selling a missing layer in the AI stack: one for security, one for testing. (ycombinator.com 1) (ycombinator.com 2)

One problem is prompt injection, where hidden instructions in an email, document, or webpage try to make an AI agent ignore its job and do something else. OpenAI published prompt-injection guidance last month, and Anthropic said four months ago that browser agents face the same risk on every page they visit. (openai.com) (anthropic.com)

Silmaril, a San Francisco company founded in 2026 by Aum Upadhyay and Eduardo Velasco, says it wraps inference calls and checks user intent, app context, and execution state together instead of only filtering the initial input. Y Combinator says Silmaril has 2 employees, supports major agent software development kits and model providers, and can be added with five lines of code. (silmaril.dev) (ycombinator.com)

Silmaril says its system retrains continuously on exploits found by its own threat-hunting agents, which is where the company’s “self-healing” label comes from. The company says it blocks “2x” as many threats as current state-of-the-art defenses with “10x” lower latency and has prevented $28 million in customer damages, though those figures are company claims. (silmaril.dev) (ycombinator.com)

The second problem is testing code changes before they hit production, especially when AI coding agents are writing more of the code. Shared staging systems often collide across pull requests, and tests that hit real services such as Stripe or Slack can fail for reasons unrelated to the code under review. (argalabs.com)

Arga Labs, founded in 2025 by Phillip Li and Akira Tong, says it creates an isolated staging environment for each pull request, connects it to “digital twin” versions of external services, and posts the results back as a GitHub check. Y Combinator says Arga has 3 employees and positions the product as validation infrastructure for both human engineers and AI agents. (argalabs.com) (ycombinator.com)

Arga says those twins copy the same application programming interfaces as services such as Stripe, Google Drive, and Slack, while avoiding rate limits and leaked state between test runs. The company also says it can auto-generate end-to-end tests from an existing URL and pull context from tools including Jira, Linear, GitHub, Sentry, and PostHog. (argalabs.com) (ycombinator.com)

The pitch from both companies is that AI software now breaks in two new ways: agents can be tricked, and agent-written code can pass review without being exercised in realistic conditions. Y Combinator’s posts put both tools in front of the same audience now building around agents, model APIs, and automated coding workflows. (ycombinator.com 1) (ycombinator.com 2)