We are open-sourcing the GA Guard models — the first family of long-context safety classifiers that have been protecting enterprise AI deployments for the past year.
🚨 New exploit: Claude Jailbroken to Mint Unlimited Stripe Coupons
Send Claude ONE sneaky SMS and it’ll think you ordered a $50k Stripe coupon—then hand it over. Hackers spoof iMessage metadata with is_from_me:true, tricking the LLM to run any tool call.
Perplexity Comet is scary GOOD.
This agentic browser connects to your apps and does everything you want autonomously.
It browses, researches, summarizes, and takes action in real-time.
Here are 20 wild use cases you need to see👇
Secure your MCP clients against prompt injection attacks in Cursor, Claude Code, and Claude desktop with three commands for free.
$ pip install generalanalysis
$ ga login
$ ga configure
and you are secure!
.@gen_analysis' MCP Guard is the first runtime firewall designed to secure every MCP tool call against prompt injection attacks.
It's a free, open-source tool designed to validate, restrict, and log every MCP tool call.
MCP Guard sits between your agents and MCP servers,…
Wrote this up in a little more detail on my blog
I think @supabase should directly mention the risk of lethal trifecta/prompt injection attacks in their MCP documentation
simonwillison.net/2025/Jul/6/sup…
@kiwicopple @simonw Founder of General Analysis here.
For what it’s worth, I have said multiple times that I do not think this is Supabase’s fault. Your server was behaving exactly as it was supposed to. Technically speaking, the Supabase server has no way of knowing which tool calls are legitimate…
🧨 Caution: Cursor + Supabase MCP will leak your private SQL tables — it’s only a matter of time.
In our latest test, a simple user message was enough to make Cursor leak integration_tokens to the attacker who submitted it. Here’s the anatomy of the breach 🧵 (1/6)
Here's another proof of concept example of a lethal trifecta attack: if you combine the Supabase MCP with another MCP that provides exposure to untrusted tokens and a way to send data back out again - in this case a support ticket system - attackers can steal your Supabase data