1Password Teams With OpenAI to Stop AI Coding Agents From Leaking Credentials
1Password says AI coding agents should never hold persistent secrets, introducing a just-in-time credential model for OpenAI Codex designed to keep credentials out of prompts, code repositories, and model context. The post 1Password Teams With OpenAI to Stop AI Coding Agents From Leaking Credentials appeared first on SecurityWeek.
1Password has partnered with OpenAI to address one of the growing security concerns surrounding AI-powered software development: protecting enterprise credentials from leakage, theft, or misuse by agentic coding systems.
The companies on Tuesday announced a new integration for OpenAI Codex that gives AI coding agents access to credentials during development workflows without exposing those secrets in prompts, source code, repositories, terminals, or the model’s context window.
AI coding has become the de facto go-to tool for developing new apps. But there are two issues with this approach: the coding tool is agentic AI and inherits all the agentic security concerns; and app development requires widespread company access to credentials.
Related breach coverage
- ‘SymJack’ Attack Turns AI Coding Agents Into Supply Chain Attack Delivery Systems2026-05-27
Malicious repositories and disguised symlinks can trick AI coding agents into silently installing attacker-controlled MCP servers capable of stealing secrets, compromising CI pipelines, and deploying malicious code. The post ‘SymJack’ Attack Turns AI Coding Agents Into Supply Chain Attack Delivery Systems appeared first on SecurityWeek.
- OpenAI Hit by TanStack Supply Chain Attack2026-05-15
Two employee devices were compromised in the attack, and credential material was stolen from OpenAI code repositories. The post OpenAI Hit by TanStack Supply Chain Attack appeared first on SecurityWeek.
- New Edamame Platform Aims to Catch AI Coding Agents Going Off the Rails2026-05-28
France-based startup Edamame says its runtime verification platform uses host telemetry and AI analysis to detect coding-agent “intent drift,” secret theft and supply-chain attacks in real time. The post New Edamame Platform Aims to Catch AI Coding Agents Going Off the Rails appeared first on SecurityWeek.
- The Credential Crisis: How Stolen Credentials Defeat Modern Security2026-05-27
As AI accelerates phishing, session hijacking, and credential abuse, security teams are racing to close the gap between attacker speed and defensive response. The post The Credential Crisis: How Stolen Credentials Defeat Modern Security appeared first on SecurityWeek.