John Saigle

345 posts

John Saigle

@johnsaigle

working on blockchain security @ asymmetric research "Perilous to us all are the devices of an art deeper than we possess ourselves."

Katılım Haziran 2017

751 Takip Edilen297 Takipçiler

John Saigle@johnsaigle·7h

@lossfunk What's the interpreter output like for these languages? I wonder if the agentic runs would do better if the compiler was capable of outputting syntax suggestions similar to the Rust compiler, or if the compilers had auto-fix for whitespace problems, etc.

English

123

Lossfunk@lossfunk·12h

🚨 Shocking: Frontier LLMs score 85-95% on standard coding benchmarks. We gave them equivalent problems in languages they couldn't have memorized. They collapsed to 0-11%. Presenting EsoLang-Bench. Accepted to the Logical Reasoning and ICBINB workshops at ICLR 2026 🧵

English

103

185

1.5K

683.1K

John Saigle@johnsaigle·7h

@0xcastle_chain Fun idea, curious how you're encoding the bugs into the program. Do you have private integration tests with exploits that you'll release at the end of the week? How're you confirming that the generated programs work in the first place?

English

0xFrankCastle🦀@0xcastle_chain·1d

Hope to have an escalation war here soon; really missing the good old days. github.com/Frankcastleaud…

English

653

John Saigle@johnsaigle·8h

@AzFlin Check it out, it's worth your time

English

AzFlin 🌎@AzFlin·9h

@johnsaigle Never heard of hook

English

John Saigle@johnsaigle·9h

I can't believe the discourse is still on MCP and Skills and I see no one talking about hooks

AzFlin 🌎@AzFlin

you think you know how to use claude code well? read this and you'll realize how little you know

English

131

John Saigle@johnsaigle·10h

Skills have been donated to the Linux Foundation

Nathan Lawrence 🌈@NathanBLawrence

They canceled MCP last week. They’re cancelling skill files now, the cycle is getting faster.

English

John Saigle@johnsaigle·12h

@LefterisJP tbh we've all been there

English

Lefteris Karapetsas@LefterisJP·13h

"I didn't run the test. I just assumed it would pass." Ladies and gentlemen, the superhuman intelligence of the machine god.

English

3.5K

John Saigle@johnsaigle·14h

Running multiple agents is the quickest and most intense way to experience context switching

Peter Gostev@petergostev

There's worry that people will stop using their brains with LLMs, but managing several AI agent threads in parallel has been some of the most cognitively intensive work I've done in years

English

John Saigle@johnsaigle·1d

If you're ask a frontier model to help bootstrap a local one at home, make sure to give it live hardware prices or its suggestions are gonna be crazy

English

John Saigle@johnsaigle·1d

LLMs make broad SAST feasible SAST makes LLMs more determinsitic Merging both together is better than using either one alone, or using both in isolation

ɐʞsǝs@akses_0x00

why would you leave any data on the table? SAST and LLMs are wildly complementary technologies.

English

John Saigle retweetledi

Zack Korman@ZackKorman·1d

In Claude Code, skills can register hooks. The agent doesn't even see it, so you can get RCE without even tricking the AI. Also, skills sh (Vercel) doesn't display this info at all.

English

378

44.2K

John Saigle@johnsaigle·2d

> Tips for Making Skills: Don't state the obvious.... Claude knows a lot about coding, including many default opinions A lot of you out there with default opinions are in real trouble

Thariq@trq212

x.com/i/article/2033…

English

John Saigle retweetledi

Thariq@trq212·2d

x.com/i/article/2033…

ZXX

340

15K

6.1M

John Saigle@johnsaigle·2d

It's not right to suggest that static analysis tools are blind to these types of attacks. There are a lot of off the shelf lints that help here: - For Rust, Clippy has the invisible_characters enabled by default - Go has asciicheck and bidicheck (probably others too)

Hedgie@HedgieMarkets

🦔 Researchers at Aikido Security found 151 malicious packages uploaded to GitHub between March 3 and March 9. The packages use Unicode characters that are invisible to humans but execute as code when run. Manual code reviews and static analysis tools see only whitespace or blank lines. The surrounding code looks legitimate, with realistic documentation tweaks, version bumps, and bug fixes. Researchers suspect the attackers are using LLMs to generate convincing packages at scale. Similar packages have been found on NPM and the VS Code marketplace. My Take Supply chain attacks on code repositories aren't new, but this technique is nasty. The malicious payload is encoded in Unicode characters that don't render in any editor, terminal, or review interface. You can stare at the code all day and see nothing. A small decoder extracts the hidden bytes at runtime and passes them to eval(). Unless you're specifically looking for invisible Unicode ranges, you won't catch it. The researchers think AI is writing these packages because 151 bespoke code changes across different projects in a week isn't something a human team could do manually. If that's right, we're watching AI-generated attacks hit AI-assisted development workflows. The vibe coders pulling packages without reading them are the target, and there are a lot of them. The best defense is still carefully inspecting dependencies before adding them, but that's exactly the step people skip when they're moving fast. I don't really know how any of this gets better. The attackers are scaling faster than the defenses. Hedgie🤗 arstechnica.com/security/2026/…

English

961

John Saigle@johnsaigle·6d

many such cases

kaden.eth@0xKaden

alpha leak: setup an openclaw instance with the sole goal of developing web3 security knowledge and bounty hunting, autonomously submitting findings directly if you do this you are guaranteed to make at least $0 and get banned from every bug bounty platform

English

John Saigle retweetledi

kaden.eth@0xKaden·6d

English

7.4K

John Saigle@johnsaigle·6d

@IceSolst Probably nothing, the main issue is where the bug arises not in the diff but through complex interactions between components. The footguns are largely in the heads of the devs. LLM reviewers optimize by making assumptions and skipping parts of the code, just like humans

English

solst/ICE of Astarte@IceSolst·12 Mar

What would make you comfortable auto-merging PRs? No human review. Someone mentioned reaching 100% test coverage but imo that is impossible

English

36K

John Saigle@johnsaigle·6d

@TridentSolana @asymmetric_re Interacting deeply with devs is a good way to figure out which bugs classes aren't real

English

Trident@TridentSolana·6d

@asymmetric_re @johnsaigle Needed piece. Devs patching phantom bugs while real ones sit untouched. LLMs confidently repeat whatever showed up most in training data, accurate or not.

English

asymmetric research@asymmetric_re·12 Mar

New post: The most persistent security misinformation doesn't come from obscure corners of the internet, but from official docs, learning resources, and popular LLMs. @johnsaigle breaks down the Solana vulnerabilities that aren't, and why they keep spreading.

English

2.1K

John Saigle@johnsaigle·6d

@CarryWorm @asymmetric_re TIL, damn. That was before my time - glad that one bit the dust

English

Nico Gründel@CarryWorm·13 Mar

@asymmetric_re @johnsaigle > Self-transfers of tokens always succeed > [...] > However, the token program does not contain such a silly bug This actually was a thing back in 2021 🥴

English

John Saigle@johnsaigle·12 Mar

My body is a machine that turns low-effort security findings into thought leadership

asymmetric research@asymmetric_re

English

268

John Saigle retweetledi

JS0N Haddix@Jhaddix·11 Mar

RE: Agentic security testing claims Buyer beware. Make vendors provide you evals for their claims. Describe architecture. Prove workflows. Define models and tuning. Cite data sources. Provide references and case studies. Then buy 🤗

English

164

13.6K

Keşfet

@lossfunk @0xcastle_chain @AzFlin @LefterisJP @IceSolst @elonmusk @BarackObama @taylorswift13