GitHub’s Secure Code Game turns agentic AI security into five hands-on challenges, so you can practice finding and exploiting real-world flaws instead of just reading about them.
Yoshiii 
“Five progressive challenges” is the hook for me — most of the “agentic AI security” stuff is still vibes and Medium posts.
Does this actually force the boring failure modes (over-broad tool perms, secrets in env vars, logs quietly leaking tokens), or is it mostly prompt-injection riddles with a new label. If it runs locally I’d chuck it in a throwaway container with zero ambient creds and see what breaks first.
