HackerTrans
TopNewTrendsCommentsPastAskShowJobs

yohann_senthex

no profile record

Submissions

A prompt injection nearly hijacked my coding agent mid-task

senthex.com
3 points·by yohann_senthex·12 dni temu·1 comments

SHOW HN:Employees use ChatGPT.Your CISO has no visibility. EU AI Act says fix it

senthex.com
1 points·by yohann_senthex·2 miesiące temu·0 comments

Show HN: Senthex AI firewall for LLM API calls (one line of code, 16ms overhead)

senthex.com
2 points·by yohann_senthex·3 miesiące temu·0 comments

comments

yohann_senthex
·12 dni temu·discuss
[flagged]
yohann_senthex
·17 dni temu·discuss
[flagged]
yohann_senthex
·18 dni temu·discuss
[flagged]
yohann_senthex
·2 miesiące temu·discuss
[flagged]
yohann_senthex
·3 miesiące temu·discuss
[dead]
yohann_senthex
·3 miesiące temu·discuss
Solid approach on the agent readable JSON. The real value here isn't just "catch bugs faster" it's that agents can now run comprehensive negative testing as part of the build loop, which is increasingly critical with agentic workflows.

One angle worth exploring: injection attacks. When Dochia fuzzes your endpoints, does it specifically test for prompt injection vectors if the API backend is an LLM? Most security tools miss that because they're generic but if an agent is writing an API that wraps Claude or GPT, you'd want fuzzing that includes things like "what if the user input gets templated into a system prompt?"

Same with token limits if the fuzzer generates massive payloads, does it distinguish between "API can't handle large inputs" vs "you'll bankrupt the user with token costs if this endpoint is exposed"?

Might be niche, but seems like low hanging fruit in the agentic testing space.
yohann_senthex
·4 miesiące temu·discuss
[dead]
yohann_senthex
·4 miesiące temu·discuss
[dead]