by n2d4
390 days ago
> I feel that if AI companies themselves had security conscious designs in the first place, there would be less need for this stuff.

They do, but this "exploit" specifically requires disabling them (which comes with a big fat warning):

> Claude then uses the GitHub MCP integration to follow the instructions. Throughout this process, Claude Desktop by default requires the user to confirm individual tool calls. However, many users already opt for an “Always Allow” confirmation policy when using agents, and stop monitoring individual actions.