product · 1 story across the archive · newest first · security
mentions by month
mixed HN readers largely agreed the demo highlights a real class of risk, but many pushed back on framing it as purely a GitHub bug rather than dangerous permission scoping. The thread was skeptical of LLM guardrails as security boundaries and repeatedly argued that agents should not see untrusted input while holding access — latest discussion,