Jian Cui

@Ri7erLi and I will present our paper "Les Dissonances: Cross-Tool Harvesting and Polluting in Pool-of-Tools Empowered LLM Agents" at NDSS. Location: Coast Ballroom (Session 3B Time: 14:30–15:50 Come by if you're around, happy to chat! 🙌 Paper: ndss-symposium.org/wp-content/upl…

I wanted to share a bunch of my favorite hidden and under-utilized features in Claude Code. I'll focus on the ones I use the most. Here goes.

Claude watching me write code manually after I hit the daily limit

stop spending money on Claude Code. Chipotle's support bot is free:

@Ri7erLi We also develop a threat scanner, Chord, and find that 75% of 66 real tools from LangChain and Llama-Index are vulnerable. XTHP is not limited to the tool ecosystems we evaluated. Emerging tool-calling paradigms such as MCP and Skills are also vulnerable to our XTHP attack!

@Ri7erLi and I will present our paper "Les Dissonances: Cross-Tool Harvesting and Polluting in Pool-of-Tools Empowered LLM Agents" at NDSS. Location: Coast Ballroom (Session 3B Time: 14:30–15:50 Come by if you're around, happy to chat! 🙌 Paper: ndss-symposium.org/wp-content/upl…

@Ri7erLi 🟠 Cross-Tool Data Harvesting: Once embedded, it can harvest arbitrary sensitive data within the context. 🟡 Cross-Tool Information Polluting: Or it can silently pollute the agent context, return incorrect or misleading outputs that affect agent decisions.

@Ri7erLi In our paper, we identify a novel threat named Cross-Tool Harvesting and Polluting (XTHP): 🔴 Control-Flow Hijacking: A malicious tool can manipulate the tool descriptions to hijack the agent’s control flow, inserting itself before or after legitimate tools.

ALEX HONNOLD AFTER COMPLETING HIS FREE SOLO OF TAIPEI 101: "Sick." The 101 story climb took 1 hour and 35 minutes #SkyscraperLIVE

This is my story, of a "hacker" kiddo who always wanted to become a comedian before watching a TV show. I wrote this to prepare my interview with bloomberg but it seems like they only talked a little part of it. Try to ignore the grammar issue hahaha! dull-buckaroo-11a.notion.site/My-story-2a523…

Junior students who have just started doing research? Check out the (75 and counting) awesome tips! github.com/jbhuang0604/aw…

🚨 New AG2 Talk Alert! 🚨 Join us on Aug 28, 9 AM PST for "Maris: A Security Controlled Development Paradigm for Multi-Agent Collaboration Systems" by @cuijian0819 Jian Cui from UIUC & Berkeley AgentX competition winner! 🛡️ #AI #Cybersecurity RSVP now: discord.com/events/1153072…

@askalphaxiv so quick action 👍🏻

Introducing GPT OSS for understanding research papers 🚀 Highlight any section of a paper to ask questions and “@” other papers for quick context, comparisons, and benchmark references

Had a wonderful time at @BerkeleyRDI Agentic AI Summit! Our Team Hoosiers took the 1st place in AgentX AI Safety track (25’Spring) and 2nd place in MOOC Hackathon Safety track (24’Fall)! Huge shoutout to my teammate @Ri7erLi and our bosses @xiaojingliao and @luyixing!!

Our Team Hoosiers won the🥇place in the AI Safety track of AgentX (Spring ‘25) and🥈 place in the Safety track of Agents MOOC Hackathon (Fall ‘24). Thanks to @BerkeleyRDI! Credits to: PhD students @Ri7erLi, Jian Cui; faculty @xiaojingliao and myself.

So I gave Claude Code a Mac Mini. And it’s called Claudeputer. It runs 24/7 and it’s allowed to do whatever it wants - it’s in complete control of its computer. Watch for a 2min demo.

🚫🕶️ I've been building an XR app for a real-world ad blocker using Snap @Spectacles. It uses Gemini to detect and block ads in the environment. It’s still early and experimental, but it’s exciting to imagine a future where you control the physical content you see.

For the first time in history, the #1 hacker in the US is an AI. (1/8)

Announcing the first fully AI-generated scientific discovery to pass the highest level of peer review – the main track of an A* conference (ACL 2025). Several groups have shown AI-generated work at workshops, but main conference acceptance is a far higher bar. While workshops often accept more than 50% of submissions, top-tier venues like ACL accept ~20%.