-
Simon Willison’s Weblog: The lethal trifecta for AI agents: private data, untrusted content, and external communication
Source URL: https://simonwillison.net/2025/Jun/16/the-lethal-trifecta/#atom-everything
Source: Simon Willison’s Weblog
Title: The lethal trifecta for AI agents: private data, untrusted content, and external communication
Feedly Summary: If you are a user of LLM systems that use tools (you can call them “AI agents" if you like) it is critically important that you understand the risk of combining tools…
-
Simon Willison’s Weblog: An Introduction to Google’s Approach to AI Agent Security
Source URL: https://simonwillison.net/2025/Jun/15/ai-agent-security/#atom-everything
Source: Simon Willison’s Weblog
Title: An Introduction to Google’s Approach to AI Agent Security
Feedly Summary: Here’s another new paper on AI agent security: An Introduction to Google’s Approach to AI Agent Security, by Santiago Díaz, Christoph Kern, and Kara Olive. (I wrote about a different recent paper, Design Patterns for Securing…
-
Simon Willison’s Weblog: Anthropic: How we built our multi-agent research system
Source URL: https://simonwillison.net/2025/Jun/14/multi-agent-research-system/#atom-everything
Source: Simon Willison’s Weblog
Title: Anthropic: How we built our multi-agent research system
Feedly Summary: Anthropic: How we built our multi-agent research system OK, I’m sold on multi-agent LLM systems now. I’ve been pretty skeptical of these until recently: why make your life more complicated by running multiple different prompts in parallel…
-
Simon Willison’s Weblog: llm-fragments-youtube
Source URL: https://simonwillison.net/2025/Jun/14/llm-fragments-youtube/#atom-everything
Source: Simon Willison’s Weblog
Title: llm-fragments-youtube
Feedly Summary: llm-fragments-youtube Excellent new LLM plugin by Agustin Bacigalup which lets you use the subtitles of any YouTube video as a fragment for running prompts against. I tried it out like this: llm install llm-fragments-youtube llm -f youtube:dQw4w9WgXcQ \ ‘summary of people and what they…
-
Simon Willison’s Weblog: Quoting Google Cloud outage incident report
Source URL: https://simonwillison.net/2025/Jun/14/google-cloud-outage-incident-report/#atom-everything
Source: Simon Willison’s Weblog
Title: Quoting Google Cloud outage incident report
Feedly Summary: Google Cloud, Google Workspace and Google Security Operations products experienced increased 503 errors in external API requests, impacting customers. […] On May 29, 2025, a new feature was added to Service Control for additional quota policy checks. This code…
-
Simon Willison’s Weblog: Quoting Andrew Ng
Source URL: https://simonwillison.net/2025/Jun/13/andrew-ng/#atom-everything
Source: Simon Willison’s Weblog
Title: Quoting Andrew Ng
Feedly Summary: There’s a new breed of GenAI Application Engineers who can build more-powerful applications faster than was possible before, thanks to generative AI. Individuals who can play this role are highly sought-after by businesses, but the job description is still coming into focus.…
-
Simon Willison’s Weblog: Design Patterns for Securing LLM Agents against Prompt Injections
Source URL: https://simonwillison.net/2025/Jun/13/prompt-injection-design-patterns/#atom-everything
Source: Simon Willison’s Weblog
Title: Design Patterns for Securing LLM Agents against Prompt Injections
Feedly Summary: This new paper by 11 authors from organizations including IBM, Invariant Labs, ETH Zurich, Google and Microsoft is an excellent addition to the literature on prompt injection and LLM security. In this work, we describe…
-
Simon Willison’s Weblog: Agentic Coding Recommendations
Source URL: https://simonwillison.net/2025/Jun/12/agentic-coding-recommendations/
Source: Simon Willison’s Weblog
Title: Agentic Coding Recommendations
Feedly Summary: Agentic Coding Recommendations There’s a ton of actionable advice on using Claude Code in this new piece from Armin Ronacher. He’s getting excellent results from Go, especially having invested a bunch of work in making the various tools (linters, tests, development servers…
-
Simon Willison’s Weblog: Breaking down ‘EchoLeak’, the First Zero-Click AI Vulnerability Enabling Data Exfiltration from Microsoft 365 Copilot
Source URL: https://simonwillison.net/2025/Jun/11/echoleak/
Source: Simon Willison’s Weblog
Title: Breaking down ‘EchoLeak’, the First Zero-Click AI Vulnerability Enabling Data Exfiltration from Microsoft 365 Copilot
Feedly Summary: Breaking down ‘EchoLeak’, the First Zero-Click AI Vulnerability Enabling Data Exfiltration from Microsoft 365 Copilot Aim Labs reported CVE-2025-32711 against Microsoft 365 Copilot back in January, and the fix is…
-
Simon Willison’s Weblog: Disney and Universal Sue AI Company Midjourney for Copyright Infringement
Source URL: https://simonwillison.net/2025/Jun/11/disney-universal-midjourney/#atom-everything
Source: Simon Willison’s Weblog
Title: Disney and Universal Sue AI Company Midjourney for Copyright Infringement
Feedly Summary: Disney and Universal Sue AI Company Midjourney for Copyright Infringement This is a big one. It’s very easy to demonstrate that Midjourney will output images of copyright protected characters (like Darth Vader or Yoda) based…