|
|
|
|
|
|
by tptacek
301 days ago
|
|
|
I think a pretty clear thru-line to the stories we're seeing about prompt injection and MCPs are agents that expose only a single context (or, at least, a single "logical" context) to their users: the untrusted data and the sensitive tool calls are coexisting within the same context window. |
|
|