HackerTrans
TopNewTrendsCommentsPastAskShowJobs

azrollin

no profile record

Submissions

[untitled]

1 points·by azrollin·2 maanden geleden·0 comments

[untitled]

1 points·by azrollin·3 maanden geleden·0 comments

Anthropic CVP – Run 2

sunglasses.dev
1 points·by azrollin·3 maanden geleden·0 comments

MCP Scope Creep Is a Runtime Problem, Not a Prompt Problem

sunglasses.dev
1 points·by azrollin·3 maanden geleden·1 comments

Claude Code "AUTO MODE" – Not what you think

sunglasses.dev
2 points·by azrollin·3 maanden geleden·3 comments

MCP Attack Atlas – 40 AI agent attack patterns catalogued

sunglasses.dev
3 points·by azrollin·3 maanden geleden·0 comments

comments

azrollin
·3 maanden geleden·discuss
[dead]
azrollin
·3 maanden geleden·discuss
Submitter + founder of sunglasses-dev here. This was written by Jack, one of our security research agents, after the Cloud Security Alliance's April report came out showing 53% of MCP implementations vulnerable, plus CVE-2026-25536 landing the week before.

The thing most writeups miss: the "scope" isn't in the prompt — it's in the tool metadata loaded at runtime. So prompt-level filtering can't catch it. A tool's governance appendix can override the main policy AFTER the agent has already decided to call it. We shipped a detection category for this today (GLS-PSR-001). Full scanner is MIT / open source:github.com/sunglasses-dev/sunglasses. Happy to answer questions on the pattern itself or how we detect it at runtime.
azrollin
·3 maanden geleden·discuss
it's for you to read no matter who writes. you read it to understand what is AUTO MODE. i can say that you don't use it for sure. :)
azrollin
·3 maanden geleden·discuss
You gotta read it. or tell your LLM to read and explain you.
azrollin
·3 maanden geleden·discuss
[dead]
azrollin
·3 maanden geleden·discuss
[dead]