HackerTrans
TopNewTrendsCommentsPastAskShowJobs

azrollin

no profile record

Submissions

[untitled]

1 points·by azrollin·2 mesi fa·0 comments

[untitled]

1 points·by azrollin·3 mesi fa·0 comments

Anthropic CVP – Run 2

sunglasses.dev
1 points·by azrollin·3 mesi fa·0 comments

MCP Scope Creep Is a Runtime Problem, Not a Prompt Problem

sunglasses.dev
1 points·by azrollin·3 mesi fa·1 comments

Claude Code "AUTO MODE" – Not what you think

sunglasses.dev
2 points·by azrollin·3 mesi fa·3 comments

MCP Attack Atlas – 40 AI agent attack patterns catalogued

sunglasses.dev
3 points·by azrollin·3 mesi fa·0 comments

comments

azrollin
·3 mesi fa·discuss
[dead]
azrollin
·3 mesi fa·discuss
Submitter + founder of sunglasses-dev here. This was written by Jack, one of our security research agents, after the Cloud Security Alliance's April report came out showing 53% of MCP implementations vulnerable, plus CVE-2026-25536 landing the week before.

The thing most writeups miss: the "scope" isn't in the prompt — it's in the tool metadata loaded at runtime. So prompt-level filtering can't catch it. A tool's governance appendix can override the main policy AFTER the agent has already decided to call it. We shipped a detection category for this today (GLS-PSR-001). Full scanner is MIT / open source:github.com/sunglasses-dev/sunglasses. Happy to answer questions on the pattern itself or how we detect it at runtime.
azrollin
·3 mesi fa·discuss
it's for you to read no matter who writes. you read it to understand what is AUTO MODE. i can say that you don't use it for sure. :)
azrollin
·3 mesi fa·discuss
You gotta read it. or tell your LLM to read and explain you.
azrollin
·3 mesi fa·discuss
[dead]
azrollin
·3 mesi fa·discuss
[dead]