
About this episode
Luke Hinds discusses the security implications of AI coding agents and introduces Sigstore as a solution for software supply chain security.
When you fire up Claude Code, Cursor, or any AI coding agent, it launches with your full system permissions, your SSH keys, cloud credentials, browser passwords, every file on your machine. Most developers never think twice about it. Luke Hinds did. And then he built something about it. Luke is the creator of Sigstore, the cryptographic signing infrastructure now used by PyPI, Homebrew, GitHub, and Google as the industry standard for software supply chain security. In this episode, he joins C...
People in this episode
Host: Chris Hughes
Guest: Luke Hinds
Topics covered
- AI coding agents
- software supply chain security
- cryptographic signing
- developer security
- system permissions
Keywords
- AI agents
- Claude Code
- Cursor
- SSH keys
- cloud credentials
- software security
- cryptography
Mentioned in this episode
Organizations: Sigstore, PyPI, Homebrew, GitHub, Google
More episodes of Resilient Cyber
- AI Is Winning the Cyber Arms Race · June 3, 2026 · 36 min
- Securing the Agentic SDLC · May 29, 2026 · 49 min
- The Agentic GRC Revolution · May 19, 2026 · 32 min
- Identity as Infrastructure in the Agentic Era · May 13, 2026 · 34 min
- Why AI Security Feels So Fragile · May 1, 2026 · 23 min
- You Can't Trust What You Can't Verify — The Case for AI Model Identity · April 28, 2026 · 1 min
Explore listener stats, chart rankings, contacts and more on the Resilient Cyber podcast page.