Jon Schwartz's Insight

01-27

Whoa. This is truly unbelievable. This white hat is providing over-eager AI builders a much-needed wake up call. Jamieson built a backdoored Claude skill, inflated it to #1 on ClawdHub with 4,000+ fake downloads, then watched devs from all over the world execute what could have been malicious code, and direct access to... everything. SSH keys, AWS creds, .env files, you-name-it. Thankfully he just pinged a server to confirm his success. This is supply chain security 101 speedrun for the AI era. if you're building with AI agents, stop what you're doing and read this thread. Additionally, be sure to read Clawdbot's security documenatation and be sure to run `clawdbot doctor` regularly. Stay safe ✌️ twitter.com/LLMJunky/status/20...

From Twitter

Disclaimer: The content above is only the author's opinion which does not represent any position of Followin, and is not intended as, and shall not be understood or construed as, investment advice from Followin.

Add to Favorites

Comments

Relevant content

All-in station

Ho Chi Minh City launches a $1 billion Digital Asset Fund, aiming to become a "financial hub" for investors.

TechFlow

Cryptocurrency Crash: Veteran Crypto Yi Lihua Loses $700 Million in a Week

BTC

3.75%

ODAILY

The day CZ missed his best investment, Crypto missed out on AI.

CAI