{"type":"video","version":"1.0","html":"<iframe src=\"https://www.loom.com/embed/cad7c2b7c86d4438a5d553ef24024529\" frameborder=\"0\" width=\"1294\" height=\"970\" webkitallowfullscreen mozallowfullscreen allowfullscreen></iframe>","height":970,"width":1294,"provider_name":"Loom","provider_url":"https://www.loom.com","thumbnail_height":970,"thumbnail_width":1294,"thumbnail_url":"https://cdn.loom.com/sessions/thumbnails/cad7c2b7c86d4438a5d553ef24024529-6da584728d7acd79.gif","duration":273.778,"title":"Week 3 Red Team Multi Agent Security","description":"This Loom explains the week 3 deployment and architecture for a security app that attacks the Clinical Co-Pilot EMR using an out-of-repo design. The author emphasizes that the security app is completely separate from the OpenEMR repo to avoid dependencies or poisoning, and they show how they converted the architecture into slides using Marp. The multi-agent setup includes an orchestrator using a commercial model for coverage gap analysis and budget control, plus local judge and documentation components using a 32 billion parameter model (Quen) running on an M1. The session covers threat categories such as prompt injection, PHI exfiltration, DDoS, and identity exploitation, demonstrated via ATT&CK runs with a dashboard and expandable vulnerability reports including impact and regulatory exposure."}