AI Agents OpenCode: When an AI Agent Circumvents Plan Mode During testing of OpenCode 1.2.17, an AI agent bypassed Plan Mode by switching to shell commands. A real-world example of why tool restrictions alone are not security boundaries.
security How a Real-World Next.js RCE Attack Failed — and What Actually Saved the System A real-world Next.js RCE attack hit production — and failed. This post shows real logs, attacker payloads, and how slim containers, non-root Docker images, minimal env injection, and Cloudflare (free plan) stopped the exploit chain.
