<?xml version="1.0" encoding="UTF-8"?><urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9" xmlns:news="http://www.google.com/schemas/sitemap-news/0.9" xmlns:xhtml="http://www.w3.org/1999/xhtml" xmlns:image="http://www.google.com/schemas/sitemap-image/1.1" xmlns:video="http://www.google.com/schemas/sitemap-video/1.1"><url><loc>https://bluebear.io/</loc></url><url><loc>https://bluebear.io/blog/</loc></url><url><loc>https://bluebear.io/blog/agent-skills-plugins-slopsquatting/</loc></url><url><loc>https://bluebear.io/blog/coding-agent-ecosystem-under-attack/</loc></url><url><loc>https://bluebear.io/blog/credentials-your-ai-agent-sees/</loc></url><url><loc>https://bluebear.io/blog/hidden-attack-surface-coding-agents/</loc></url><url><loc>https://bluebear.io/blog/hidden-git-branch-leaking-secrets/</loc></url><url><loc>https://bluebear.io/blog/introducing-baloo-bear/</loc></url><url><loc>https://bluebear.io/blog/introducing-bear-metal/</loc></url><url><loc>https://bluebear.io/blog/not-what-model-writes-what-agent-runs/</loc></url><url><loc>https://bluebear.io/blog/tag/agentic-risk/</loc></url><url><loc>https://bluebear.io/blog/tag/ai-agents/</loc></url><url><loc>https://bluebear.io/blog/tag/ai-governance/</loc></url><url><loc>https://bluebear.io/blog/tag/ai-security/</loc></url><url><loc>https://bluebear.io/blog/tag/appsec/</loc></url><url><loc>https://bluebear.io/blog/tag/code-review/</loc></url><url><loc>https://bluebear.io/blog/tag/coding-agents/</loc></url><url><loc>https://bluebear.io/blog/tag/cybercrime/</loc></url><url><loc>https://bluebear.io/blog/tag/cybersecurity/</loc></url><url><loc>https://bluebear.io/blog/tag/data-leak/</loc></url><url><loc>https://bluebear.io/blog/tag/data-leakage/</loc></url><url><loc>https://bluebear.io/blog/tag/developer-security/</loc></url><url><loc>https://bluebear.io/blog/tag/github/</loc></url><url><loc>https://bluebear.io/blog/tag/infosec/</loc></url><url><loc>https://bluebear.io/blog/tag/linear/</loc></url><url><loc>https://bluebear.io/blog/tag/malware/</loc></url><url><loc>https://bluebear.io/blog/tag/open-source/</loc></url><url><loc>https://bluebear.io/blog/tag/plugins/</loc></url><url><loc>https://bluebear.io/blog/tag/responsible-disclosure/</loc></url><url><loc>https://bluebear.io/blog/tag/runtime-security/</loc></url><url><loc>https://bluebear.io/blog/tag/secrets/</loc></url><url><loc>https://bluebear.io/blog/tag/secure-coding/</loc></url><url><loc>https://bluebear.io/blog/tag/slopsquatting/</loc></url><url><loc>https://bluebear.io/blog/tag/supply-chain/</loc></url><url><loc>https://bluebear.io/blog/tag/threat-intel/</loc></url><url><loc>https://bluebear.io/blog/tag/vulnerability/</loc></url><url><loc>https://bluebear.io/blog/the-mandate-gap/</loc></url><url><loc>https://bluebear.io/privacy/</loc></url><url><loc>https://bluebear.io/projects/</loc></url><url><loc>https://bluebear.io/projects/baloo-bear/</loc></url><url><loc>https://bluebear.io/projects/bear-metal/</loc></url></urlset>