What is Open Relay used for?

Open Relay lets you start, detach, and manage long-running CLI or AI agent sessions like services — inspect logs anytime, send input sparingly.

How does Open Relay's session token expiry work?

Tokens now expire after a configurable TTL (24 hours default), checked on every auth with lazy cleanup — no more immortal leaks.

Is Open Relay secure after the audit?

Yes, zero malware found; key fixes shipped for auth, DoS, and proxies. Full report in repo.

🔒 Security & Privacy

Open Relay's Eternal Session Tokens Finally Get a 24-Hour Kill Switch

Imagine your auth token leaking from a browser cookie and staying valid for days. That's how Open Relay rolled until a recent audit forced a hard reset: 24-hour expiry.

theAIcatchup Apr 10, 2026 4 min read

Open Relay GitHub repo showing security audit fixes for session token expiry

⚡ Key Takeaways

Session tokens in Open Relay now expire in 24 hours, fixing a major leak risk. 𝕏
Security audit uncovered no backdoors but shipped hardening like per-IP lockouts and bounded reads. 𝕏
Ideal for AI agent workflows needing durable, inspectable CLI sessions without auth nightmares. 𝕏

Published by

theAIcatchup

Community-driven. Code-first.

#AI agents #Open Relay #open source security #security audit #session tokens

Worth sharing?

Get the best Open Source stories of the week in your inbox — no noise, no spam.

Originally reported by Dev.to

⚡ Key Takeaways

The 60-Second TL;DR

theAIcatchup

Share this article

Worth sharing?

Related Stories

Cert-Gating AI Tool Calls: Zero-Trust That Actually Works

Math.random() Bombs Your Next Security Audit

WAIaaS Delivers Instant Push and Telegram Approvals for Rampaging AI Crypto Agents

25 EU Regulators Hit AI Teams with This One Brutal Question

Stay in the loop