HackerTrans
TopNewTrendsCommentsPastAskShowJobs

sarelta

no profile record

Submissions

Build and deploy hosted sites from Codex with the Sites plugin

developers.openai.com
2 points·by sarelta·в прошлом месяце·1 comments

GitHub Copilot CLI downloads and executes malware

promptarmor.com
62 points·by sarelta·4 месяца назад·22 comments

Data exfil from agents in messaging apps

promptarmor.com
34 points·by sarelta·5 месяцев назад·6 comments

comments

sarelta
·6 месяцев назад·discuss
this is sick, Claude Code X Figma is exactly what I need -- wondering how this will compare performance-wise to just using Figma MCP
sarelta
·6 месяцев назад·discuss
The attacker isn't the dev -- the attacker is a third party that poisoned the online data that is ingested by the AI tool.

- Dev builds secure AI app - App defends against indirect prompt injection in data from the internet - Dev reviews the flagged log - Log affected by the injection is rendered, and the attacker who wrote the injection in the web data exfiltrates the data from the AI app user
sarelta
·6 месяцев назад·discuss
thats nifty, so can attackers upload the user's codebase to the internet as a package?
sarelta
·6 месяцев назад·discuss
I'm impressed Superhuman seems to have handled this so well - lots of big names are fumbling with AI vuln disclosures. Grammarly is not necessarily who I would have bet on to get it right