https://miscreants.github.io/blog.trailofbits.com/authors/cliff-smith/Recent content in Cliff Smith on The Trail of Bits BlogHugoen-usMon, 28 Jul 2025 00:00:00 -0400https://miscreants.github.io/blog.trailofbits.com/2025/07/28/we-built-the-security-layer-mcp-always-needed/Mon, 28 Jul 2025 07:00:00 -0400https://miscreants.github.io/blog.trailofbits.com/2025/07/28/we-built-the-security-layer-mcp-always-needed/Today we’re announcing the beta release of mcp-context-protector, a security wrapper for LLM apps using the Model Context Protocol (MCP). It defends against the line jumping attacks documented earlier in this blog series, such as prompt injection via tool descriptions and ANSI terminal escape codes.https://miscreants.github.io/blog.trailofbits.com/2024/10/01/securing-the-software-supply-chain-with-the-slsa-framework/Tue, 01 Oct 2024 09:00:58 -0400https://miscreants.github.io/blog.trailofbits.com/2024/10/01/securing-the-software-supply-chain-with-the-slsa-framework/Software supply chain security has been a hot topic since the Solarwinds breach back in 2020. Thanks to the Supply-chain Levels for Software Artifacts (SLSA) framework, the software industry is now at the threshold of sustainably solving many of the biggest challenges in securely building and distributing open-source software. SLSA is a […]https://miscreants.github.io/blog.trailofbits.com/2024/01/15/internet-freedom-with-the-open-technology-fund/Mon, 15 Jan 2024 08:30:54 -0500https://miscreants.github.io/blog.trailofbits.com/2024/01/15/internet-freedom-with-the-open-technology-fund/Trail of Bits cares about internet freedom, and one of our most valued partners in pursuit of that goal is the Open Technology Fund (OTF). Our core values involve focusing on high-impact work, including work with a positive social impact. The OTF’s Red Team Lab […]