ANTIGRAVITY LABJP
TAG

Security

26 articles
Back to all tags
Related:
antigravity12Antigravity10agents4automation3architecture3production3best-practices3least-privilege2permission2operations2app-dev2AI Agents2
Integrations/2026-07-18Advanced

Turning Silent Auto-Approvals into Allow Rules, One Soft-Deny at a Time

In Antigravity CLI 1.1.3, headless -p stops silently auto-approving confirmation-required tools and instead soft-denies them, printing the required allow-rule name to stderr. This piece uses that output as a discovery source to build least privilege from an empty allow set upward, with a working harness and real numbers from a personal automation.

Agents/2026-07-13Intermediate

Passing API Keys to Agents Safely: Runtime Env Injection and Log Redaction

How to hand secrets to an Antigravity agent without leaving them in your repo or your logs, using runtime environment injection and output masking.

Antigravity/2026-07-11Advanced

Are You Actually Using Every Permission You Granted? Tightening Antigravity's Unified Permissions from Real Usage Logs

Once you flip a unified permission policy to 'allow everything,' unused grants quietly pile up. This is the grant-to-usage reconciliation loop: match granted permissions against your action logs, revoke what was never exercised, and narrow what's too broad — with working TypeScript and real numbers from solo operation.

Tips/2026-07-07Advanced

When Antivirus Blocks Antigravity's Launch, Verify the Signature Before You Allow It

When the Antigravity desktop app won't launch because antivirus stepped in, here's how to tell a false positive from a real threat. Verify the code signature on macOS Gatekeeper and Windows Defender first, then allow-list with the narrowest possible scope.

Antigravity/2026-07-07Advanced

Before Your Finger Learns the Approval Dialog: Folding Antigravity Permissions Into One Policy

Scattered approval dialogs, per-MCP allowlists, repeated re-auth. Built around Antigravity 2.2.1's unified permissions and OAuth keyring storage, here is how I fold every permission into a single policy and design away approval fatigue, with working code and measured numbers.

Agents/2026-06-28Advanced

The Day the Article I Asked It to Format Became the Agent's Instructions

When you run an unattended content-formatting pipeline with Antigravity CLI, instruction-like text buried in the file you are processing can hijack the agent. Here is how I separate the instruction channel from the data channel and add an output-scope acceptance gate to reject anything out of bounds.

App Dev/2026-06-25Advanced

An Agent Granted 'Watch an Ad to Unlock a Wallpaper' Entirely Client-Side — Re-Verifying Reward Grants with AdMob SSV

I asked an Antigravity agent to wire up 'watch a rewarded ad to unlock a wallpaper,' and it returned an implementation that wrote the unlock flag client-side only. Here is why that is not enough, how I re-verified the reward grant with AdMob server-side verification (SSV), and how I stopped double grants too.

Agents/2026-06-24Advanced

Before a Stray Instruction in a Fetched Page Drives Your Unattended Agent — Tainting Inputs to Downgrade Capabilities

So an unattended agent that reads external pages or PDFs can't be hijacked by an instruction hidden inside them: track the taint of every input and automatically downgrade side-effecting tools. With working Python and real operational numbers.

Tips/2026-06-22Advanced

Strip Secrets Out of the Agent Logs You Keep: Designing a Redaction Layer

Once you start keeping logs from unattended agents, a token or API key eventually lands in them in plaintext. Rotating the key doesn't unmake the leaked log. This designs a redaction layer that reliably drops secrets right before the write, going beyond regex to register known secrets and mask them for certain, with working Python and field notes.

Agents/2026-06-19Advanced

Your Antigravity Sandbox Isolates Multi-Agents Less Than You Think — Notes on Containing the Blast Radius

An Antigravity sandbox gives you the feeling of isolation, but isolation leaks through three real gaps: shared volumes, over-broad allowed domains, and approval fatigue. Field notes on plugging the leaks, containing the blast radius by design, and proving isolation holds with tests.

AI Tools/2026-06-14Advanced

Pairing a Local LLM With Antigravity to Keep Sensitive Code Off the Cloud

Should you really let a cloud agent read code that holds your billing keys and revenue logic? For indie developers that worry is concrete. Here I pair Ollama and Gemma as a local LLM with Antigravity, routing sensitive parts to local and general parts to the cloud, with the decision rules and measurements.

Agents/2026-06-02Advanced

Keeping Secrets Out of Your Antigravity Agent's Output: Layered Defenses for Logs, Diffs, and PR Bodies

The three paths through which background agents leak secrets, and how to defend commit diffs, execution logs, and PR bodies with layered protection, drawn from running six apps and measured false-positive rates.