




















I'm talking inference layer compromise, someone being able to inject commands that would eventually be executed by agents/tools on the other side.
There is a massive amount of unskilled users letting LLMs decide which commands to run on their computers. I know for things like Cowork you have a sandbox, but many simply use Codex or Claude Code (and some even went above and beyond and learned to use --dangerously-skip-permissions). But what happens if an attacker is successful? What's even preventing it from happening?
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。