I Deleted an Entire Repo Because of One API Key

A few years ago, I made one careless commit that caused hours of panic.

I was working in a public repo and, satisfied with my changes, I committed and pushed the code.

Afterward, I looked over my work. I then realized that I had mistakenly pushed a critical API key to GitHub.

That's when the panic set in.

At that time, I wasn't up on CI/CD pipelines, pre-commit workflows or tools that detected secrets in files before commits and pushes. I was security blind.

And, in my fear, I didn't think to just log in to the application and rotate my API keys! Instead, I spent hours looking up how to scrub a git repo's history.

I didn't find a good answer, so I just nuked the repo.

Fast forward a few years. People are coding, but they're not looking at what AI is producing. Or, they're pretty experienced, but trust their agents too much.

Sound familiar?

Your agents are doing a lot: committing code, installing applications, running freshly developed apps, updating your calendar, sending e-mails and more.

Life feels good. You're productive. That's great.

But there's a hidden danger. It comes from not knowing what's coming in or going out.

And, frankly, it's hard to care. You're shipping. And, nothing bad has happened ... yet.

It's not like your head is in the sand. You're aware app packages are being turned into malware. You know AI agents can receive harmful content that instructs them to leak credentials and other private information.

But, when you check out an AI agent security solution, the web page is full of terms you don't understand. It's like you need a PhD in AI agent security to use these products effectively.

Your safety is too important to leave to chance. That's why I'm building something to help.

My name is Fard Johnmar. Over the last 20+ years, I've worked with Fortune 500 companies and the largest organizations in the world, developing cutting-edge, high-stakes products and services, in Web, social media, mobile and now AI. My latest offering is called AgentGuard360.

It's an upcoming open-source application that's simple to understand, easy to use and protects you and your agents in the background. Even better, your agent can run it for you.

When it's released, AgentGuard360 will help:

Harden your device: Find out whether the computer your agent is running on has security holes that let attackers in

Block app malware: Stop packages that can steal your data from being installed

Prevent credential leaks: Scan key agent files and git commits for API keys, auth tokens and other private information

Track traffic: Know what sites or APIs your agent is connecting to and whether they're harmful

Monitor spending: Track all agent costs and flag spikes that may indicate anomalies, or just over-spending

Scan LLM content: Automatically monitor your agent's inputs and outputs for harmful instructions and other content that could lead to problems

AgentGuard360 installs in 5 minutes and provides powerful, privacy-first, machine learning-powered analysis and protection, while keeping data on your device.

You can set it and forget it. You'll get status updates and alerts delivered via email and to your agent. There are no long-term commitments and no credit cards. It's optimized for humans and agents.

Some people figure out the AI security thing after getting burned.

Here's your chance to up your game without needing a PhD in AI agent security.

Join the AgentGuard360 Waitlist

We'll alert you when the app is launched.
