HackerTrans
TopNewTrendsCommentsPastAskShowJobs

coderinsan

no profile record

Submissions

Lethal Trifecta – Using Notion AI's Web Search Tool to Leak Private Notion Pages

codeintegrity.ai
2 points·by coderinsan·10 tháng trước·2 comments

Official MCPS are at risk to Willison's lethal trifecta attack

tramlines.io
2 points·by coderinsan·10 tháng trước·1 comments

Examples of lethal trifecta based MCP exploits

tramlines.io
2 points·by coderinsan·10 tháng trước·2 comments

comments

coderinsan
·10 tháng trước·discuss
Hey HN — yesterday Notion released AI agent support on their platform with support for MCP servers and custom AI agents. It didn’t take us long to find an example of a lethal trifecta attack in which, through indirect prompt injection, we were able to get Notion AI to leak data via its web search tool.
coderinsan
·10 tháng trước·discuss
How does this protect against lethal trifecta attacks like the ones here - tramlines.io/blog ?
coderinsan
·10 tháng trước·discuss
How are you protecting against Willison's lethal trifecta attacks in agents connected to tools like shown here - https://tramlines.io/blog
coderinsan
·10 tháng trước·discuss
Hey HN we’ve been collecting lethal trifecta based attack scenarios on official MCPs and implementing guardrails against them for a while now. It's incredible to see how many of the official MCPs are susceptible to these attacks. With ChatGPT’s integrated MCP support lethal trifecta attacks have become much more relevant.
coderinsan
·10 tháng trước·discuss
Hey HN we’ve been collecting lethal trifecta based attack scenarios on official MCPs and implementing guardrails against them for a while now. It's incredible to see how many of the official MCPs are susceptible to these attacks. With ChatGPT’s integrated MCP support lethal trifecta attacks have become much more relevant.
coderinsan
·10 tháng trước·discuss
“We’ve found numerous MCP exploits from the official MCPs in our blog (https://tramlines.io/blog) and have been powering runtime guardrails to defend against lethal trifecta MCP attacks for a while now (https://tramlines.io)
coderinsan
·11 tháng trước·discuss
A similar one we found at tramlines.io where AI email clients can get prompt injected - https://www.tramlines.io/blog/why-shortwave-ai-email-with-mc...