{"type":"rich","version":"1.0","provider_name":"Transistor","provider_url":"https://transistor.fm","author_name":"AI Security Ops","title":"Open Weight Models and Open Source Harnesses | Episode 56","html":"<iframe width=\"100%\" height=\"180\" frameborder=\"no\" scrolling=\"no\" seamless src=\"https://share.transistor.fm/e/fbbd8572\"></iframe>","width":"100%","height":180,"duration":2255,"description":"In this episode of BHIS Presents: AI Security Ops, the team looks at what it actually means to own your AI stack.\n\nOpen-weight models and open-source harnesses are no longer just lab toys. They are becoming practical options for security teams that care about where their prompts, code, client data, findings, and tooling actually live.\n\nThe core question: when your work depends on AI, how much control are you willing to give away?\n\nWe dig into:\n- What data sovereignty means for security teams\n- Why token sovereignty matters in agentic workflows\n- How provider terms can become a business risk\n- Open-weight models vs. truly open-source AI\n- Why harnesses like Hermes and OpenCode matter\n- Where cloud providers may apply fewer restrictions\n- The tradeoff between local control and hosted capability\n- Supply chain risk in models, harnesses, and plugins\n- Running local models with Ollama, vLLM, and similar tools\n- Why “local” does not automatically mean “safe”\n- How to start experimenting without buying expensive hardware\n- The next risk frontier: local prompt injection\n\nOwning your AI stack does not magically eliminate risk. It moves the risk. Hosted models create exposure around data, terms, pricing, and availability. Local models create exposure around maintenance, supply chain, permissions, and prompt injection. The security win is not blindly choosing local or cloud — it is knowing which layer you need to control, and why.\n\n⸻\n\n📚 Key Concepts & Topics\n\nData & Terms Risk\n- Prompts can contain code, client data, findings, and operational context\n- Hosted providers may inspect, retain, or restrict usage\n- Terms changes can affect entire security workflows\n- “Allowed yesterday” does not guarantee “allowed tomorrow”\n\nToken Sovereignty\n- Agentic workflows burn far more tokens than simple chat\n- Rate limits, usage windows, and pricing changes become operational dependencies\n- Local hardware shifts the constraint from API quota to compute capacity\n- Cost control is part of architecture, not just...","thumbnail_url":"https://img.transistorcdn.com/mN9_Xu9UJwoaajIvIvLd-Yygv-Vh_nJwEDItjPY09kA/rs:fill:0:0:1/w:400/h:400/q:60/mb:500000/aHR0cHM6Ly9pbWct/dXBsb2FkLXByb2R1/Y3Rpb24udHJhbnNp/c3Rvci5mbS8zYjBm/MzE1MWI2YmE4ZGJh/MDQ3MmJkMTkxZGNl/MjBjNS5wbmc.webp","thumbnail_width":300,"thumbnail_height":300}