The Security Guide
Attack Surface
AI agent harnesses introduce a unique attack surface. Key vectors:
Prompt Injection
Malicious instructions embedded in code, comments, issues, or documentation that attempt to manipulate agent behavior.
Defenses:
- ECC’s InsAIts security hook (opt-in via ECC_ENABLE_INSAITS=1)
- Input validation in hooks
- Secret scrubbing in hook outputs
Tool Misuse
Agents have access to powerful tools (file write, bash execution, git operations). Uncontrolled tool use can lead to:
- Accidental file deletion
- Credential exposure
- Unauthorized git pushes
Defenses:
- PreToolUse hooks that validate commands
- Git push confirmation hooks
- Dev server blockers (prevent npm run dev outside tmux)
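As an added example (not ECC’s own hook code), the following Python script shows the shape of a PreToolUse hook that implements the three checks above and the secret scrubbing listed under Prompt Injection. It assumes the harness pipes the tool call to the hook as JSON on stdin with `tool_name` and `tool_input.command` fields, treats exit code 2 as a refusal, and that a hypothetical `ECC_CONFIRM_PUSH` variable carries the user’s push confirmation; the patterns are constructed for illustration.

```python
"""PreToolUse-style hook: validate a Bash tool call before the harness runs it."""
import json
import os
import re
import sys

# Constructed patterns for this example; tune them per project.
DESTRUCTIVE = [
    re.compile(r"\brm\s+(?=-[a-z]*r)(?=-[a-z]*f)-[a-z]+"),  # rm with combined -r and -f flags
    re.compile(r"\bgit\s+push\b.*(--force|\s-f)\b"),        # force push
]
CONFIRM = [re.compile(r"\bgit\s+push\b")]        # allowed only after explicit confirmation
TMUX_ONLY = [re.compile(r"\bnpm\s+run\s+dev\b")]  # long-running dev server

# key=value or key: value pairs that must never reach hook output
SECRET = re.compile(r"(?i)\b(api[_-]?key|token|secret|password)(\s*[=:]\s*)\S+")


def scrub(text):
    """Redact secret values so a hook's stdout/stderr does not leak them."""
    return SECRET.sub(r"\1\2[REDACTED]", text)


def evaluate(event, env=None, confirmed=False):
    """Return ('allow', '') or ('block', reason) for one tool-call event."""
    env = os.environ if env is None else env
    if event.get("tool_name") != "Bash":
        return "allow", ""  # only shell commands are validated here
    cmd = event.get("tool_input", {}).get("command", "")
    if any(p.search(cmd) for p in DESTRUCTIVE):
        return "block", "destructive command refused: " + scrub(cmd)
    if any(p.search(cmd) for p in TMUX_ONLY) and "TMUX" not in env:
        return "block", "dev server must be started inside a tmux session"
    if any(p.search(cmd) for p in CONFIRM) and not confirmed:
        return "block", "git push requires explicit confirmation"
    return "allow", ""


def main():
    # Assumption: the harness pipes the tool call as JSON on stdin and treats
    # exit code 2 as "refuse this tool call". ECC_CONFIRM_PUSH is a hypothetical name.
    verdict, reason = evaluate(json.load(sys.stdin),
                               confirmed=os.environ.get("ECC_CONFIRM_PUSH") == "1")
    if verdict == "block":
        print(reason, file=sys.stderr)
        return 2
    return 0


if __name__ == "__main__":
    sys.exit(main())
```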
Context Poisoning
Malicious content in the context window that influences agent decisions.
Defenses:
- Session isolation
- Context compaction with key-extraction
- Verification loops
Sandboxing
Run agents in isolated environments:
- Docker containers - Full isolation for untrusted operations
- Git worktrees - Filesystem isolation for parallel tasks
- Tmux sessions - Process isolation for long-running commands
Security Rules
ECC installs security rules for each language ecosystem:
- Input validation patterns
- Authentication best practices
- SQL injection prevention
- XSS defense
- Secret management
- Dependency auditing
Risk Quantification
Use the harness audit command to score your security posture:
/harness-audit
This evaluates hook coverage, rule compliance, and MCP configuration security.
AgentShield
The ecc-agentshield npm package provides additional security layers for production agent deployments. It includes runtime monitoring, anomaly detection, and automated response capabilities.