How-To

Google DeepMind’s new research framework maps six categories of “AI Agent Traps” — adversarial techniques embedded in the environment that can hijack autonomous agents without the user or the agent knowing. With content injection attacks succeeding in up to 86% of tested scenarios, this isn’t theoretical risk. This guide walks through each of the six trap categories and gives you concrete, actionable mitigations you can implement today — whether you’re running OpenClaw, a custom LangGraph pipeline, or any other agent framework. ...

LangChain published a framework today for thinking about continual learning in AI agents — and it’s one of the clearest mental models for this problem that’s appeared in the wild. This guide takes that framework and turns it into a practical implementation playbook, with code examples for each layer and decision criteria for choosing between them. The three layers, briefly: agents can learn through context (runtime-injected instructions), storage (external memory), or weights (model fine-tuning). Each has different costs, speeds, and durability characteristics. ...

MolmoWeb is Ai2’s open-source browser agent — 8B parameters, Apache 2.0, no API key required. It scores 78.2% on WebVoyager and beats GPT-4o-based agents on multiple benchmarks. Here’s how to get it running locally. System requirements: GPU with at least 16GB VRAM (for 8B model) or 8GB VRAM (for 4B model) Ubuntu 20.04+ or macOS 12+ (Linux recommended for GPU support) Python 3.10+ Chrome or Chromium browser installed Step 1: Clone the Repository git clone https://github.com/allenai/molmoweb.git cd molmoweb Step 2: Create a Virtual Environment and Install Dependencies python3 -m venv molmoweb-env source molmoweb-env/bin/activate pip install -r requirements.txt The requirements include PyTorch, the Transformers library, Playwright for browser control, and Pillow for screenshot processing. The full install typically takes 3–5 minutes on a good connection. ...

Claude Code Ultraplan offloads your most complex planning tasks to a cloud Opus 4.6 session for up to 30 minutes — while you keep working locally. Here’s how to use it in five steps. Prerequisite: Ultraplan requires the $400/month Claude Code plan tier. Step 1: Open Ultraplan from the Command Palette In Claude Code, open the command palette (Cmd/Ctrl + Shift + P) and type Ultraplan. Select “Claude Code: Start Ultraplan Session”. ...

Claude Code’s latest release (v2.1.9x) adds initialPrompt — a YAML frontmatter field that auto-submits a first turn when a subagent is spawned. This guide shows you exactly how to use it. What You’ll Accomplish By the end of this guide, you’ll have subagents that start executing immediately when invoked — no manual prompting required. Prerequisites Claude Code v2.1.9x or later (claude --version to check) An existing Claude Code project with at least one subagent definition Basic familiarity with YAML frontmatter in agent files Step 1: Update Claude Code First, make sure you’re on the latest version: ...

CVE-2026-32211 is a CVSS 9.1 information disclosure vulnerability in Azure MCP Server. Missing authentication allows unauthenticated attackers with network access to read sensitive data — API keys, agent tokens, and data source credentials the MCP server manages. No credentials required to exploit. No prior access needed. This guide walks through the immediate mitigation steps while an official patch is pending, and the longer-term hardening practices that should apply to any MCP server deployment. ...

If you’re running OpenClaw on any version before 2026.3.28, stop reading and go update. Right now. We’ll be here when you get back. For everyone else: here’s what happened, why it’s serious, and exactly how to verify you’re protected against two freshly disclosed critical vulnerabilities: CVE-2026-33579 and CVE-2026-34426. What Are These Vulnerabilities? CVE-2026-33579 — Privilege Escalation via /pair approve (CVSS 8.1–9.8) This is the big one. Rated between 8.1 and 9.8 out of 10 on the CVSS scale, CVE-2026-33579 allows an attacker who holds operator.pairing scope — the lowest meaningful permission in an OpenClaw deployment — to silently approve device pairing requests that ask for operator.admin scope. ...

The Claude Code source code leak of March 31, 2026 created an immediate security hazard: threat actors began distributing Vidar infostealer malware through convincing fake GitHub repositories within 24 hours. If you’ve cloned any Claude Code fork from an unofficial source since then, this guide is for you. This is a practical, step-by-step walkthrough for: Verifying whether you downloaded a legitimate or fake Claude Code repo What to do if you ran a malicious installer How to protect yourself going forward Step 1: Verify the Repository You Downloaded Check the GitHub organization The only legitimate Claude Code repository is under the official Anthropic GitHub organization: ...

The CertiK study published today identified 135,000 internet-exposed OpenClaw instances with systemic security failures: authentication disabled, API keys in plaintext, malware in the skills store. Most of those deployments weren’t the result of malicious intent — they were the result of setting up OpenClaw following the default quick-start guide and then opening it to the internet. This guide is the one you should follow instead. It covers a complete, production-grade VPS deployment of OpenClaw v2026.4.1 with the security hardening necessary to run it safely on a public-facing server. ...

Most tutorials about AI agents end with something that produces output. This one is about something different: an agent that produces income. Developer Eliott Reich documented how they built an AI agent that earns real money — not through speculation, not through selling the agent itself, but through autonomous task completion that generates actual revenue. Here’s a breakdown of how the system works and how you can build one. The Core Concept: Agents as Economic Actors The insight behind a money-earning agent is simple but consequential: if an agent can complete tasks that have economic value, and if those tasks can be reliably discovered and delivered, then the agent earns money as a byproduct of working. ...