Experimental News Clipping Site

Tag: coding agents

  • Scott Logic: Delegating the Grunt Work: AI Agents for UI Test Development

    by

    Kurt Seifried
    in

    Source URL: https://blog.scottlogic.com/2025/10/06/delegating-grunt-work.html Source: Scott Logic Title: Delegating the Grunt Work: AI Agents for UI Test Development Feedly Summary: UI automation testing is valuable but time-consuming, with on-going maintenance resulting from fragile selectors, asynchronous behaviors, and complex test paths. This blog post explores whether we can release ourselves from this burden by delegating it to…

  • Simon Willison’s Weblog: Cross-Agent Privilege Escalation: When Agents Free Each Other

    by

    Kurt Seifried
    in

    Source URL: https://simonwillison.net/2025/Sep/24/cross-agent-privilege-escalation/ Source: Simon Willison’s Weblog Title: Cross-Agent Privilege Escalation: When Agents Free Each Other Feedly Summary: Cross-Agent Privilege Escalation: When Agents Free Each Other Here’s a clever new form of AI exploit from Johann Rehberger, who has coined the term Cross-Agent Privilege Escalation to describe an attack where multiple coding agents – GitHub…

  • Simon Willison’s Weblog: httpjail

    by

    Kurt Seifried
    in

    Source URL: https://simonwillison.net/2025/Sep/19/httpjail/#atom-everything Source: Simon Willison’s Weblog Title: httpjail Feedly Summary: httpjail Here’s a promising new (experimental) project in the sandboxing space from Ammar Bandukwala at Coder. httpjail provides a Rust CLI tool for running an individual process against a custom configured HTTP proxy. The initial goal is to help run coding agents like Claude…

  • Docker: How to Build Secure AI Coding Agents with Cerebras and Docker Compose

    by

    Kurt Seifried
    in

    Source URL: https://www.docker.com/blog/cerebras-docker-compose-secure-ai-coding-agents/ Source: Docker Title: How to Build Secure AI Coding Agents with Cerebras and Docker Compose Feedly Summary: In the recent article, Building Isolated AI Code Environments with Cerebras and Docker Compose, our friends at Cerebras showcased how one can build a coding agent to use worlds fastest Cerebras’ AI inference API, Docker…

  • Embrace The Red: Windsurf MCP Integration: Missing Security Controls Put Users at Risk

    by

    Kurt Seifried
    in

    Source URL: https://embracethered.com/blog/posts/2025/windsurf-dangers-lack-of-security-controls-for-mcp-server-tool-invocation/ Source: Embrace The Red Title: Windsurf MCP Integration: Missing Security Controls Put Users at Risk Feedly Summary: Part of my default test cases for coding agents is to check how MCP integration looks like, especially if the agent can be configured to allow setting fine-grained controls for tools. Sometimes there are basic…

  • Embrace The Red: AWS Kiro: Arbitrary Code Execution via Indirect Prompt Injection

    by

    Kurt Seifried
    in

    Source URL: https://embracethered.com/blog/posts/2025/aws-kiro-aribtrary-command-execution-with-indirect-prompt-injection/ Source: Embrace The Red Title: AWS Kiro: Arbitrary Code Execution via Indirect Prompt Injection Feedly Summary: On the day AWS Kiro was released, I couldn’t resist putting it through some of my Month of AI Bugs security tests for coding agents. AWS Kiro was vulnerable to arbitrary command execution via indirect prompt…

  • Simon Willison’s Weblog: too many model context protocol servers and LLM allocations on the dance floor

    by

    Kurt Seifried
    in

    Source URL: https://simonwillison.net/2025/Aug/22/too-many-mcps/#atom-everything Source: Simon Willison’s Weblog Title: too many model context protocol servers and LLM allocations on the dance floor Feedly Summary: too many model context protocol servers and LLM allocations on the dance floor Useful reminder from Geoffrey Huntley of the infrequently discussed significant token cost of using MCP. Geoffrey estimate estimates that…