17 mentions · 15 chunks · 13 episodes
...jection in the comments. 'Comment and Control': Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments. The Register: Agents hooked into GitHub can steal creds – but Anthropic, Google, and Microsoft ha...
...w Vulnerability: Website-to-Local Agent Takeover. RoguePilot: Exploiting GitHub Copilot for a Repository Takeover. An AI Chat App leaked 300 million messages due to misconfigured Firestore Security Rules. This is the kind of thing that h...
...d luck!" Superhuman AI Exfiltrates Emails. Reprompt: The Single-Click Microsoft Copilot Attack that Silently Steals Your Personal Data
...t Injection Attack Demo : Here's What Every Developer Should Know Microsoft 365 Copilot allows arbitrary data exfiltration via Mermaid diagrams. Google Gemini's own demo breaks Google's own captchas without asking the user for permission...
...in the wild west roundup: A RCE where prompt injection can trivially get GitHub Copilot into YOLO mode. ASCII smuggling of prompt injection across various LLMs. Google refuses to fix it because "it's the user's responsibility." Responsib...
Avoid the Copilot Pause When interacting with agents, they do work and then ask for your judgment. If there's one agent, either the human or the agent is blocking on t...
... outperforms GPT-5 on hardened [security] benchmarks across the board." "GitHub Copilot RCE Vulnerability via Prompt Injection Leads to Full System Compromise"
It's crazy that Cursor, a VSCode fork that was created even after Github Copilot existed, is now worth more than the IDE companies. But it turns out that AI is the feature that is so important that everything else is secondary. An...
Imagine a copilot for your digital life.
...context to get closer to what you want, to steer it better. Kind of like GitHub Copilot but where instead of tab adding a few characters, it could add whole paragraphs. Because the key command is not simply "Enter" (which would add LLM-g...
...that outcome easier and easier for you to accomplish with less and less effort. Copilot, Cursor, et al have a bit of this feeling for programmers. But you could imagine it showing up more quickly in less programmer-focused ways, e.g. dra...
...pe of thing. It's more akin to comparing whole systems/scaffolding (e.g. Github Copilot Workspaces) around a model than comparing base models. It just so happens to implement what other people have implemented as a system around a model,...
...oughts and act on them... but doesn't have a personality. Spellcheck and Github Copilot are two examples. It doesn't feel like you're working with a genie, it's just instantly offering completions you can accept or not. The question isn'...
I saw another demo of Github's Copilot workspaces. It allows an agent, with some continuous babysitting from a human, to plan a change, research it, then modify the necessary files and gen...
In the Github Copilot feedback loop, if you don't like the recommendation, write a bit more comments and it will generate a new thing. The next thing to do to steer it is ...