HackerTrans
TopNewTrendsCommentsPastAskShowJobs

sarelta

no profile record

Submissions

Build and deploy hosted sites from Codex with the Sites plugin

developers.openai.com
2 points·by sarelta·지난달·1 comments

GitHub Copilot CLI downloads and executes malware

promptarmor.com
62 points·by sarelta·4개월 전·22 comments

Data exfil from agents in messaging apps

promptarmor.com
34 points·by sarelta·5개월 전·6 comments

comments

sarelta
·6개월 전·discuss
this is sick, Claude Code X Figma is exactly what I need -- wondering how this will compare performance-wise to just using Figma MCP
sarelta
·6개월 전·discuss
The attacker isn't the dev -- the attacker is a third party that poisoned the online data that is ingested by the AI tool.

- Dev builds secure AI app - App defends against indirect prompt injection in data from the internet - Dev reviews the flagged log - Log affected by the injection is rendered, and the attacker who wrote the injection in the web data exfiltrates the data from the AI app user
sarelta
·6개월 전·discuss
thats nifty, so can attackers upload the user's codebase to the internet as a package?
sarelta
·6개월 전·discuss
I'm impressed Superhuman seems to have handled this so well - lots of big names are fumbling with AI vuln disclosures. Grammarly is not necessarily who I would have bet on to get it right