HackerTrans
トップ新着トレンドコメント過去質問紹介求人

SegmentTree

no profile record

コメント

SegmentTree
·4 か月前·議論
Isn't the main vulnerability the cache poisoning in GitHub Actions?

Yes, the agent installed a malicious package in its workflow. But if GitHub Actions had been properly isolated, the attack would not have been possible.

It's basically impossible to protect against malicious injections when consuming unknown inputs. So the safeguard is to prevent agents from doing harm when consuming such inputs. In this case, it seems nothing would have happened if GitHub Actions itself had not been vulnerable.
SegmentTree
·昨年·議論
Thanks for the showcase.

I have a question: Can your tool detect duplicates with lower resolution? A typical use case would be images received via chat apps, which are often downscaled to save bandwidth. If I have a higher quality version, I'd like to keep only the larger one.
SegmentTree
·昨年·議論
I think it's worth mentioning that the Theia IDE is a fully open source VS Code-compatible IDE (not a fork of VS Code) that's actively adding AI features with a focus on transparency and hackability.