AI Experiments on Napat's Inverse Blog /ai-analysis/ Recent content in AI Experiments on Napat's Inverse Blog Hugo en-us Tue, 31 Mar 2026 20:30:00 +0700 Inside the Machine: What a Leaked Agentic Code Tool Reveals About AI Security /ai-analysis/inside-the-machine-what-agentic-code-tool-source-reveals-about-ai-security/ Tue, 31 Mar 2026 20:30:00 +0700 /ai-analysis/inside-the-machine-what-agentic-code-tool-source-reveals-about-ai-security/ <p>In March 2026, someone extracted the complete source code of Claude Code from an npm package and published it to GitHub. No modifications. No commentary. Excluding generated code, lock files, and test fixtures — roughly 512,000 lines of TypeScript, dumped into a repository with a single commit.</p> <p>How this happened is itself a security lesson. Anthropic published version 2.1.88 of their npm package with a production source map file — <code>cli.js.map</code>, weighing in at 59.8 MB — that contained the original TypeScript source, comments and all. A misconfigured <code>.npmignore</code> or a build pipeline that skipped artifact scanning, depending on who you ask. The file was there for anyone to extract. Security researcher Chaofan Shou was the first to notice.</p> DeerFlow vs OpenClaw Security Analysis (AI Experiment) /ai-analysis/deer-flow-openclaw-security-analysis-experiment/ Fri, 27 Mar 2026 12:20:00 +0700 /ai-analysis/deer-flow-openclaw-security-analysis-experiment/ An opinionated practitioner&#39;s deep dive into DeerFlow and OpenClaw security architectures — what works, what breaks at runtime, where the real risk lives, and how to harden before production. Securing OpenClaw from All Angles: A Practitioner Deep Dive /ai-analysis/openclaw-security-deep-dive-all-angles/ Sat, 21 Mar 2026 21:35:00 +0700 /ai-analysis/openclaw-security-deep-dive-all-angles/ <p>OpenClaw is not a “chatbot deployment.” It is a high-privilege automation control plane that can read files, run commands, browse sites, call APIs, and operate across messaging channels.</p> <p>That means your security model must be closer to <strong>platform security</strong> than to “prompt quality.”</p> ZeroDayBench Replication: What Actually Holds Up in Practice /ai-analysis/zerodaybench-replication-field-notes/ Sat, 21 Mar 2026 18:48:00 +0700 /ai-analysis/zerodaybench-replication-field-notes/ <p>One of the stranger things about AI security is how many people trust benchmark scores they would never trust anywhere else.</p> <p>If someone told you a new static analyzer catches 90% of vulnerabilities, your first question would be: 90% of what? In what code? Under what assumptions? What did it miss? But when an LLM benchmark shows a leaderboard, people often skip those questions and go straight to conclusions.</p>