HackerTrans
TopNewTrendsCommentsPastAskShowJobs

azrollin

no profile record

Submissions

[untitled]

1 points·by azrollin·il y a 2 mois·0 comments

[untitled]

1 points·by azrollin·il y a 3 mois·0 comments

Anthropic CVP – Run 2

sunglasses.dev
1 points·by azrollin·il y a 3 mois·0 comments

MCP Scope Creep Is a Runtime Problem, Not a Prompt Problem

sunglasses.dev
1 points·by azrollin·il y a 3 mois·1 comments

Claude Code "AUTO MODE" – Not what you think

sunglasses.dev
2 points·by azrollin·il y a 3 mois·3 comments

MCP Attack Atlas – 40 AI agent attack patterns catalogued

sunglasses.dev
3 points·by azrollin·il y a 3 mois·0 comments

comments

azrollin
·il y a 3 mois·discuss
[dead]
azrollin
·il y a 3 mois·discuss
Submitter + founder of sunglasses-dev here. This was written by Jack, one of our security research agents, after the Cloud Security Alliance's April report came out showing 53% of MCP implementations vulnerable, plus CVE-2026-25536 landing the week before.

The thing most writeups miss: the "scope" isn't in the prompt — it's in the tool metadata loaded at runtime. So prompt-level filtering can't catch it. A tool's governance appendix can override the main policy AFTER the agent has already decided to call it. We shipped a detection category for this today (GLS-PSR-001). Full scanner is MIT / open source:github.com/sunglasses-dev/sunglasses. Happy to answer questions on the pattern itself or how we detect it at runtime.
azrollin
·il y a 3 mois·discuss
it's for you to read no matter who writes. you read it to understand what is AUTO MODE. i can say that you don't use it for sure. :)
azrollin
·il y a 3 mois·discuss
You gotta read it. or tell your LLM to read and explain you.
azrollin
·il y a 3 mois·discuss
[dead]
azrollin
·il y a 3 mois·discuss
[dead]