GigaTap articles tagged developer security.
- TeamPCP shows why trusted packages are not safe by default - A reported TeamPCP wave hit VS Code, PyPI, and npm paths in the same week. The common failure was trust: verified publishers, official packages, and auto-u
- AI coding agents need boundaries, not just prompts - Docker’s warning is vendor-framed, but the core issue is real: coding agents often inherit developer privileges and can act faster than teams can review.