Five Supply Chain Attacks. One Blind Spot.
Five untrusted-execution incidents ran in CI in March 2026. The runtime records — ancestry, egress, and signals — are what survives after on-disk evidence is rewritten or gone.
Execution records from real CI runs — process ancestry, egress, and the assertion layer that interprets them.
Self-deleting postinstall dropper; the runtime record is the only durable evidence of what ran.
.pth startup hook drops to a shell and runs credential-harvest commands before any import.
Green Trivy scan beside a sibling branch scraping /proc/<pid>/mem — both in one workflow tree.
KICS scan logs looked clean while a parallel branch reached checkmarx[.]zone.
import telnyx spawns a child, opens C2 egress, and reparents to systemd(1) before the step ends.
One compromised npm install pivots Node→Bun and attempts rogue runner registration end to end.
Execution record for npm install @tanstack/react-router@1.169.8 on a GitHub Actions runner. Of 42 TanStack package profiles in the sweep, 8 carried the same privilege-escalation chain through bun.exe → sudo → python3.10 — same top-level command, different runtime shape.