DeltaForceOS Advanced Curriculum
/ LESSON 01 · 1h 5m

Secure Agents and Prompt Injection Defense

/ Curriculum notes

This lesson is available as written curriculum now. Use the notes below with the matching PDF workbook in the resources library.

Permissions, secrets, data boundaries, and hostile inputs Workbook: /resources/agent-security-threat-model.pdf Codex route: /resources/agent-security-threat-model-codex-build-guide.pdf Claude Code route: /resources/agent-security-threat-model-claude-code-build-guide.pdf

/ Matching workbook
Open the PDF curriculum library
/ Choose your build route

Build this lesson inside Codex

Open the repo in Codex, let it inspect the files, then paste the prompt. Ask it to edit only the smallest set of files and verify before you deploy.

Before Codex
1. Open the project in Codex.
2. Confirm .env.local exists locally and is ignored by Git.
3. Open README.md and package.json so Codex can orient itself.
4. Do not paste private keys into the prompt.
Paste this prompt
Inspect this repo for the Secure Agents and Prompt Injection Defense build.

Outcome:
Design a security boundary for agents that can survive hostile content and bad tool calls.

Tools:
Supabase, Vercel, 1Password, OpenAI, Claude, GitHub, Stripe, HubSpot

Explain the files a beginner needs to understand before editing:
README.md, package.json, src, public, scripts, .env.local, and any Supabase files.

Then implement the smallest safe version, list required env names, run the build or focused tests, fix failures, and summarize changed files.

/ Transcript

Secure Agents and Prompt Injection Defense Outcome: Design a security boundary for agents that can survive hostile content and bad tool calls. Tools: Supabase, Vercel, 1Password, OpenAI, Claude, GitHub, Stripe, HubSpot Workbook: /resources/agent-security-threat-model.pdf Codex route PDF: /resources/agent-security-threat-model-codex-build-guide.pdf Claude Code route PDF: /resources/agent-security-threat-model-claude-code-build-guide.pdf Build assignment: Threat-model your most powerful agent and add three injection tests before the next deploy. Use the lesson tabs to choose Codex or Claude Code, then post the proof in Skool.
Next
Observability Stack