coding agents – Experimental News Clipping Site

Embrace The Red: Windsurf MCP Integration: Missing Security Controls Put Users at Risk

Aug 28, 2025

—

by

Source URL: https://embracethered.com/blog/posts/2025/windsurf-dangers-lack-of-security-controls-for-mcp-server-tool-invocation/ Source: Embrace The Red Title: Windsurf MCP Integration: Missing Security Controls Put Users at Risk Feedly Summary: Part of my default test cases for coding agents is to check how MCP integration looks like, especially if the agent can be configured to allow setting fine-grained controls for tools. Sometimes there are basic…

Embrace The Red: AWS Kiro: Arbitrary Code Execution via Indirect Prompt Injection

Aug 26, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://embracethered.com/blog/posts/2025/aws-kiro-aribtrary-command-execution-with-indirect-prompt-injection/ Source: Embrace The Red Title: AWS Kiro: Arbitrary Code Execution via Indirect Prompt Injection Feedly Summary: On the day AWS Kiro was released, I couldn’t resist putting it through some of my Month of AI Bugs security tests for coding agents. AWS Kiro was vulnerable to arbitrary command execution via indirect prompt…

Simon Willison’s Weblog: too many model context protocol servers and LLM allocations on the dance floor

Aug 22, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/Aug/22/too-many-mcps/#atom-everything Source: Simon Willison’s Weblog Title: too many model context protocol servers and LLM allocations on the dance floor Feedly Summary: too many model context protocol servers and LLM allocations on the dance floor Useful reminder from Geoffrey Huntley of the infrequently discussed significant token cost of using MCP. Geoffrey estimate estimates that…

Tomasz Tunguz: Explore vs. Exploit in Agentic Coding

Aug 18, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.tomtunguz.com/explore-vs-exploit-in-agentic-coding/ Source: Tomasz Tunguz Title: Explore vs. Exploit in Agentic Coding Feedly Summary: AI coding assistants like Cursor and Replit have rewritten the rules of software distribution almost overnight. But how do companies like these manage margins? Power users looking to manage as many agents as possible may find themselves at odds with…

Simon Willison’s Weblog: The Summer of Johann: prompt injections as far as the eye can see

Aug 15, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/Aug/15/the-summer-of-johann/#atom-everything Source: Simon Willison’s Weblog Title: The Summer of Johann: prompt injections as far as the eye can see Feedly Summary: Independent AI researcher Johann Rehberger has had an absurdly busy August. Under the heading The Month of AI Bugs he has been publishing one report per day across an array of different…

Embrace The Red: The Month of AI Bugs 2025

Jul 28, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://embracethered.com/blog/posts/2025/announcement-the-month-of-ai-bugs/ Source: Embrace The Red Title: The Month of AI Bugs 2025 Feedly Summary: This year I spent a lot of time reviewing, exploiting and working with vendors to fix vulnerabilities in agentic AI systems. As a result, I’m excited to announce the Month of AI Bugs 2025! Goal Of The Initiative The…

Slashdot: Google Gemini Deletes User’s Files, Then Just Admits ‘I Have Failed You Completely and Catastrophically’

Jul 26, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://developers.slashdot.org/story/25/07/26/0642239/google-gemini-deletes-users-files-then-just-admits-i-have-failed-you-completely-and-catastrophically?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Google Gemini Deletes User’s Files, Then Just Admits ‘I Have Failed You Completely and Catastrophically’ Feedly Summary: AI Summary and Description: Yes Summary: The reported incident involving Google Gemini’s coding agent highlights significant concerns about the reliability and safety of AI-driven coding tools, particularly in terms of data management…

Simon Willison’s Weblog: Coding with LLMs in the summer of 2025 (an update)

Jul 21, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/Jul/21/coding-with-llms/#atom-everything Source: Simon Willison’s Weblog Title: Coding with LLMs in the summer of 2025 (an update) Feedly Summary: Coding with LLMs in the summer of 2025 (an update) Salvatore Sanfilippo describes his current AI-assisted development workflow. He’s all-in on LLMs for code review, exploratory prototyping, pair-design and writing “part of the code under…

Simon Willison’s Weblog: Quoting Steve Yegge

Jul 19, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/Jul/19/steve-yegge/#atom-everything Source: Simon Willison’s Weblog Title: Quoting Steve Yegge Feedly Summary: So one of my favorite things to do is give my coding agents more and more permissions and freedom, just to see how far I can push their productivity without going too far off the rails. It’s a delicate balance. I haven’t…

Slashdot: AI Coding Agents Are Already Commoditized

Jul 5, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://developers.slashdot.org/story/25/07/04/191224/ai-coding-agents-are-already-commoditized?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: AI Coding Agents Are Already Commoditized Feedly Summary: AI Summary and Description: Yes Summary: The text discusses the commoditization of AI coding agents, arguing that recent advancements in AI models have leveled the playing field, making powerful coding agents accessible without unique technical advantages. Sean Goedecke emphasizes that the…

Tag: coding agents