HackerTrans
トップ新着トレンドコメント過去質問紹介求人

azrollin

no profile record

投稿

[untitled]

1 ポイント·投稿者 azrollin·2 か月前·0 コメント

[untitled]

1 ポイント·投稿者 azrollin·3 か月前·0 コメント

Anthropic CVP – Run 2

sunglasses.dev
1 ポイント·投稿者 azrollin·3 か月前·0 コメント

MCP Scope Creep Is a Runtime Problem, Not a Prompt Problem

sunglasses.dev
1 ポイント·投稿者 azrollin·3 か月前·1 コメント

Claude Code "AUTO MODE" – Not what you think

sunglasses.dev
2 ポイント·投稿者 azrollin·3 か月前·3 コメント

MCP Attack Atlas – 40 AI agent attack patterns catalogued

sunglasses.dev
3 ポイント·投稿者 azrollin·3 か月前·0 コメント

コメント

azrollin
·3 か月前·議論
[dead]
azrollin
·3 か月前·議論
Submitter + founder of sunglasses-dev here. This was written by Jack, one of our security research agents, after the Cloud Security Alliance's April report came out showing 53% of MCP implementations vulnerable, plus CVE-2026-25536 landing the week before.

The thing most writeups miss: the "scope" isn't in the prompt — it's in the tool metadata loaded at runtime. So prompt-level filtering can't catch it. A tool's governance appendix can override the main policy AFTER the agent has already decided to call it. We shipped a detection category for this today (GLS-PSR-001). Full scanner is MIT / open source:github.com/sunglasses-dev/sunglasses. Happy to answer questions on the pattern itself or how we detect it at runtime.
azrollin
·3 か月前·議論
it's for you to read no matter who writes. you read it to understand what is AUTO MODE. i can say that you don't use it for sure. :)
azrollin
·3 か月前·議論
You gotta read it. or tell your LLM to read and explain you.
azrollin
·3 か月前·議論
[dead]
azrollin
·3 か月前·議論
[dead]