1Password open sources a benchmark to stop AI agents from leaking credentials - Help Net Security

1Password has open-sourced a benchmark called SCAM to evaluate AI agents' ability to avoid phishing attacks in real workflows. The benchmark simulates workplace scenarios and tests whether AI agents can recognize and avoid common threats without being prompted. After baseline testing, 1Password introduced a 'security skill' document to improve agent risk assessment, significantly reducing critical failures. The benchmark is available on GitHub under the MIT License.