HackerTrans
TopNewTrendsCommentsPastAskShowJobs

azrollin

no profile record

Submissions

[untitled]

1 points·by azrollin·2 месяца назад·0 comments

[untitled]

1 points·by azrollin·3 месяца назад·0 comments

Anthropic CVP – Run 2

sunglasses.dev
1 points·by azrollin·3 месяца назад·0 comments

MCP Scope Creep Is a Runtime Problem, Not a Prompt Problem

sunglasses.dev
1 points·by azrollin·3 месяца назад·1 comments

Claude Code "AUTO MODE" – Not what you think

sunglasses.dev
2 points·by azrollin·3 месяца назад·3 comments

MCP Attack Atlas – 40 AI agent attack patterns catalogued

sunglasses.dev
3 points·by azrollin·3 месяца назад·0 comments

comments

azrollin
·3 месяца назад·discuss
[dead]
azrollin
·3 месяца назад·discuss
Submitter + founder of sunglasses-dev here. This was written by Jack, one of our security research agents, after the Cloud Security Alliance's April report came out showing 53% of MCP implementations vulnerable, plus CVE-2026-25536 landing the week before.

The thing most writeups miss: the "scope" isn't in the prompt — it's in the tool metadata loaded at runtime. So prompt-level filtering can't catch it. A tool's governance appendix can override the main policy AFTER the agent has already decided to call it. We shipped a detection category for this today (GLS-PSR-001). Full scanner is MIT / open source:github.com/sunglasses-dev/sunglasses. Happy to answer questions on the pattern itself or how we detect it at runtime.
azrollin
·3 месяца назад·discuss
it's for you to read no matter who writes. you read it to understand what is AUTO MODE. i can say that you don't use it for sure. :)
azrollin
·3 месяца назад·discuss
You gotta read it. or tell your LLM to read and explain you.
azrollin
·3 месяца назад·discuss
[dead]
azrollin
·3 месяца назад·discuss
[dead]