Steven retweetou
1. npm install -g npq
2. alias npm=npq
3. 🎉
if you follow me and don't know what npq is... github.com/lirantal/npq
Het Mehta@hetmehtaa
What's your solution for rapidly increasing supply chain attacks on packages?
English
Steven
601 posts
Steven
@ptr_steve
Building deterministic accelerators for AI security tools.
Lancaster, CA Entrou em Şubat 2018
290 Seguindo42 Seguidores
Steven retweetou
My current advice on AI agent security is to avoid these agent firewalls / ai runtime security products.
If an action is dangerous enough that you can identify it from the action itself, then you could have prevented it with permissions and sandboxing.
English
@Venkydotdev They can use Claude Code. You can use Claude Code with non-Anthropic models, but I know Anthropic doesn't want them to use Anthropic's models if you work for a competitor - and will ban your account.
English
@HackingDave I think Sentry's Warden on GPT-5.5 on the highest settings is probably stronger than Mythos. But we're probably another three weeks until Anthropic says their agents escaped containment again and that other AI companies should stop training agents.
English
Total marketing engine. They are brilliant but and super smart but the marketing hype machine is running this company.
Slow down AI so we can get our data centers and compute in order.
Mythos? Not the end of the world or cataclysm predicted.
Cat McGee@catmcgee
I feel like Anthropic is on the verge of losing a lot of trust. Too much marketing trying to disguise as AI safety
English
@ZackKorman @crystalwizard You developing decent nonrepudiation + cost analysis per user as well? Because that's such an annoying pain point.
English
@crystalwizard I literally have calls with massive enterprises being like “how can I see what MCP servers we have” and then people act like they know exactly which projects people are working on. Most absolutely do not
English
i promise you, the company knows where the money is going and whether people are doing their own side projects on the clock, or not
Zack Korman@ZackKorman
Companies are like "we are spending all this money on AI but we don't know what the devs are even doing with it." Let me answer that for you: They're working on their personal side projects.
English
@ptr_steve maybe we need to "define" sloppy code, do the test pass, is it performant, is it secure. human readability going to be less important when the machines are writing more of it
English
Steven retweetou
Companies are like "we are spending all this money on AI but we don't know what the devs are even doing with it." Let me answer that for you: They're working on their personal side projects.
English
@zeeg Best suggestion I've got is check if it's over a certain length threshold and use analysis to determine if it looks like natural language. If it looks like natural language, require a stateful consent call that makes the agent say it will not follow instructions from it.
English
Steven retweetou
Spent yesterday trying to find a way to inject steering in MCP responses to try to minimize chances of this to no success
If you’ve found techniques that work that don’t require inference I’d love to know about it
Sergey Karayev@sergeykarayev
"Urgent Security Notice re: Your Sentry Organization" Someone tried to hack Sentry-using apps that use coding agents by 1. Sending a fake bug alert to their project (all you need is the app's public Data Source Name) 2. The fake bug tried tricking a coding agent trying to fix it into installing some a compromised NPM package 3. The compromised package would send the env contents of the machine to advisory-tracker[.]com/api/v1/telemetry This highlights a crucial thing for using agents in an automated way:
English
Steven retweetou
Anthropic, now sitting in the lead, would like all AI research to stop. Preferably until IPO. Because safety.
English
the worst part about benchmarking warden: it finds new vulnerabilities you didnt know about previously
English
I’m finally post LLM in my engineering tasks.
Back to applying as much determinism as I can throughout my daily workflows, rather than hoping context and prompts solve the issues
English
Steven retweetou
imagine combining graphql and rls
infinite job security because the system would be such a frankenstein disaster of complexity that there's no shot at fixing it
English
Steven retweetou
Me, calling cybersecurity vendors threat actors.
MTS@MTSlive
We asked @ZackKorman which threats he think are underrated in the era of fast-advancing AI capabilities. " I basically consider some cybersecurity vendors, like, equivalent to threat actors." "That will lead to more problems than any of the vulnerability apocalypse discoveries that AI is causing. That is a handleable problem, whereas the information asymmetry problem is, like, not... Like... I have no answer."
English
Steven retweetou
Grok foundation model V9-Medium (1.5T) has finished training. Evals look good. A lot of Cursor data was added in supplementary training and there is more to come.
Fine-tuning is underway and reinforcement learning begins in a few days. 2 to 3 weeks to public release.
This will be a major improvement over the 0.5T v8-small that currently serves all Grok production traffic, especially for difficult coding tasks.
English
@ZackKorman All of the proof I have for my deterministic SAST tools in terms of building a business is immense numbers of unpatched exploits. They're a waste byproduct of development, and I can't use them for marketing.
It's hard having morals.
English
The biggest threat AI poses to cybersecurity isn't the vulnerability apocalypse. It's that it’s now trivially cheap for security vendors to build products that look like they work but don’t.
The real threat actors are the unethical vendors we met along the way.
English