슬로우 미스트 창립자, 자동화 기능 악용 사례 경고
확대하기[AI 도구 사용 시 '프롬프트 투독 공격' 주의보]
블록체인 보안업체 슬로우 미스트(SlowMist)의 창립자 위셴(余弦)이 AI 도구 사용자들을 겨냥한 새로운 보안 위협에 대해 긴급 경고를 발령했다.
위셴은 금일 X 채널을 통해 AI 도구 사용 시 agents.md, skills.md, MCP(...

<div><h3></h3><p><span>슬로우 미스트 창립자, 자동화 기능 악용 사례 경고</span></p><div><div><figure><span><a href="https://www.blockstreet.co.krjavascript:void(Common.imageView('20251229000001_1024.png'));" title="확대하기" rel="nofollow"><img src="https://img.blockstreet.co.kr/assets/image/icons/plus.png"></a></span><img src="https://img.blockstreet.co.kr/photo/2025/12/29/20251229000001_0800.png" alt="AI 도구 사용 시 '프롬프트 투독 공격' 주의보"></figure></div></div>블록체인 보안업체 슬로우 미스트(SlowMist)의 창립자 위셴(余弦)이 AI 도구 사용자들을 겨냥한 새로운 보안 위협에 대해 긴급 경고를 발령했다. <br><br>위셴은 금일 X 채널을 통해 AI 도구 사용 시 agents.md, skills.md, MCP(Model Context Protocol) 등의 파일에 포함된 '프롬프트 투독(Prompt Poisoning) 공격'에 각별히 주의해야 한다고 밝혔다. 그는 "이미 관련 공격 사례가 발생했다"며 사용자들의 경각심을 촉구했다. <br><br>특히 문제가 되는 것은 AI 도구의 '위험 모드(Dangerous Mode)' 기능이다. 이 모드가 활성화되면 AI가 사용자의 확인 절차 없이 컴퓨터를 전자동으로 제어할 수 있어, 악의적인 프롬프트가 주입될 경우 심각한 보안 사고로 이어질 수 있다. <br><br>반면 위험 모드를 비활성화하면 모든 작업마다 사용자 확인이 필요해 보안은 강화되지만, 작업 효율성이 크게 저하되는 딜레마가 발생한다. <br><br>AI 기술이 급속도로 발전하면서 자동화 기능의 편의성이 높아지고 있지만, 이번 경고는 보안 취약점 역시 함께 증가하고 있음을 보여준다. 전문가들은 AI 도구 사용 시 출처가 불분명한 설정 파일이나 플러그인 설치를 지양하고, 중요한 작업 수행 시에는 반드시 수동 확인 절차를 거칠 것을 권고하고 있다. <br><br><blockquote><p>风险提醒的挺到位的…如果这么潇洒地使用 AI 工具时，一定要警惕 agents md/skills md/mcp 等里的提示词投毒攻击，已经有在野案例了👀 <a href="https://t.co/wLDvbk3gGy" rel="nofollow">https://t.co/wLDvbk3gGy</a> <a href="https://t.co/LWiPVOZhse" rel="nofollow">pic.twitter.com/LWiPVOZhse</a></p>— Cos(余弦)😶‍🌫️ (@evilcos) <a href="https://twitter.com/evilcos/status/2005445211410112524?ref_src=twsrc%5Etfw" rel="nofollow">December 29, 2025</a></blockquote> <br><br>최주훈 joohoon@blockstreet.co.kr<br></div>

AI 도구 사용 시 '프롬프트 투독 공격' 주의보

SlowMist Founder Warns of Automation Abuse
[Warning: 'Prompt-to-Dog Attack' When Using AI Tools]
Yu Xian, founder of blockchain security firm SlowMist, has issued an urgent warning about a new security threat targeting AI tool users.
Yu Xian warned via X Channel today that AI tools can be exploited by exploiting the following attacks: agents.md, skills.md, MCP(...)

<div><h3></h3><p><span>Slow Mist founder warns of automation abuse.</span></p><div><div><figure> <span><a href="https://www.blockstreet.co.krjavascript:void(Common.imageView('20251229000001_1024.png'));" title="Zoom in" rel="nofollow"><img src="https://img.blockstreet.co.kr/assets/image/icons/plus.png"></a></span> <img src="https://img.blockstreet.co.kr/photo/2025/12/29/20251229000001_0800.png" alt="Beware of &quot;Prompt-to-Dog Attacks&quot; When Using AI Tools"></figure></div></div> Yu Xian, founder of blockchain security firm SlowMist, has issued an urgent warning about a new security threat targeting users of AI tools.<br><br> Weixian said today through the X channel that users should be especially careful about &quot;prompt poisoning attacks&quot; contained in files such as agents.md, skills.md, and MCP (Model Context Protocol) when using AI tools. He urged users to be vigilant, saying, &quot;Related attack cases have already occurred.&quot;<br><br> Of particular concern is the AI tool&#39;s &quot;Dangerous Mode&quot; feature. When activated, this mode allows the AI to automatically control the computer without user confirmation, potentially leading to serious security breaches if malicious prompts are injected.<br><br> On the other hand, disabling risk mode requires user confirmation for every operation, which increases security but creates a dilemma where work efficiency is greatly reduced.<br><br> While the rapid advancement of AI technology is increasing the convenience of automated functions, this warning also highlights the growing number of security vulnerabilities. Experts recommend avoiding configuration files or plugins from unknown sources when using AI tools, and always performing manual verification procedures when performing critical tasks.<br><br><blockquote><p> Food, beverage, and alcohol-related... AI technicians, agents md/skills md/mcp等里的提示词投毒攻击，已经有在野案例了👀 <a href="https://t.co/wLDvbk3gGy" rel="nofollow">https://t.co/wLDvbk3gGy</a> <a href="https://t.co/LWiPVOZhse" rel="nofollow">pic.twitter.com/LWiPVOZhse</a></p> — Cos(余弦)😶‍🌫️ (@evilcos)<a href="https://twitter.com/evilcos/status/2005445211410112524?ref_src=twsrc%5Etfw" rel="nofollow">December 29, 2025</a></blockquote><br><br> Joohoon Choi joohoon@blockstreet.co.kr<br></div>

Beware of "Prompt-to-Dog Attacks" When Using AI Tools

Daily market data review and trend analysis, produced by PANews.
1. Market Observation: At the start of the new week, the precious metals market was the first to be affected. After spot silver broke through $84/ounce to reach a record high, it encountered profit-taking pressure, quickly plunging and turning into an intraday decline, eventually fluctuating around $78. This rollercoaster ride directly impacted related financial products. Spot gold retreated from its historical high of nearly $4550, while platinum and palladium both fell by close to or more than 7%. Besides the traditional logic of Fed rate cut expectations and continued central bank gold purchases, the market began pricing in "commodity control"...

Trading Moments: Silver plunges after hitting a new high; institutions warn of potential correction in precious metals; Bitcoin exhibits a "Dead Cat Bounce"?

The silver (XAG) market is entering a crucial week after the Chicago Mercantile Exchange (CME) announced it will raise margin requirements for the second time in just two weeks, effective Monday, 29/...

CME's latest move worries traders: Why Monday is so important for silver prices.

Meme coins remain one of the most sensitive areas in the crypto market right now. Market liquidation is quite thin (due to the end of the year), so even a slight change in supply or activity...