Hello, world: the NullPointer blog
Why we're starting a blog, what you can expect to read here, and a quick tour of the open-source ecosystem it will cover—from Agent-Smith to Seraph and the skills library in between.
Read article →Skills, not scripts: how Agent-Smith chains an attack
Most “AI pentesters” are chatbots wrapped around a script library. We took the opposite bet—teach the methodology, let the model invent the attack, and let skills chain themselves.
Read article →A firewall you can't jailbreak: designing Seraph
Every blocklist eventually fails. Here's why we built Seraph on a positive-security allow-list instead—and what it means to be immune to prompt injection by design.
Read article →