The latest articles on Forem by KnowTechie (@knowtechie). https://forem.com/knowtechie https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Forganization%2Fprofile_image%2F8401%2F80f29813-a628-488c-9181-4713b1278117.png https://forem.com/knowtechie en Kevin Raposo Tue, 27 May 2025 15:46:59 +0000 https://forem.com/knowtechie/githubs-new-mcp-can-spill-your-secrets-no-hacking-required-51n2 https://forem.com/knowtechie/githubs-new-mcp-can-spill-your-secrets-no-hacking-required-51n2 <p>GitHub’s Model Context Protocol (MCP) just landed in hot water, thanks to a <a href="https://simonwillison.net/2025/May/26/github-mcp-exploited/" rel="noopener noreferrer">newly discovered vulnerability</a> that lets attackers trick AI agents into leaking private repository information. </p> <p>Security researchers Marco Milanta and Luca Beurer-Kellner stumbled on an exploit where an attacker can file a sneaky issue in a public repo. </p> <p>If a user asks an LLM agent connected to MCP to “check the issues,” the agent follows the attacker’s instructions—like digging into all the user’s private repos—and then exposes that info in a public pull request. </p> <p>No malware, no brute force, just a well-crafted prompt and a bit of bad architecture.</p> <p>Here’s the kicker: this isn’t a bug in the code—it’s a design flaw</p> <h3> The holy trinity for prompt injection attacks </h3> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fxa6cf1ua3kdewybaaxd6.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fxa6cf1ua3kdewybaaxd6.png" alt="Image image showing prompt to hack Github MCP" width="800" height="483"></a></p> <p>According to <a href="https://devclass.com/2025/05/27/researchers-warn-of-prompt-injection-vulnerability-in-github-mcp-with-no-obvious-fix/" rel="noopener noreferrer">DevClass</a>, the MCP server gives LLMs access to private data, lets them process attacker-controlled prompts, and allows them to exfiltrate information, all at once. </p> <p><a href="https://invariantlabs.ai/blog/mcp-github-vulnerability" rel="noopener noreferrer">Security folks are already warning</a> that there’s no obvious fix in sight. The only advice? If you’re using MCP, treat it like a loaded gun around anything private. </p> <p>The attack doesn’t require elite skills—just a clever issue and a bit of trust in the wrong place (Invariant Labs).</p> <p>As of now, GitLab hasn’t released an official statement or any mitigation. So if you’re experimenting with MCP, keep your secrets close and your AI agents on a tight leash.</p> github ai llm mcp Kevin Raposo Fri, 05 Apr 2024 16:48:53 +0000 https://forem.com/knowtechie/powerful-ai-tool-actionize-connects-gpt-to-everything-2gg4 https://forem.com/knowtechie/powerful-ai-tool-actionize-connects-gpt-to-everything-2gg4 <p>From the creator of notable tools like Chatwith, Spell.so and Gobblebot, indie hacker <a class="mentioned-user" href="https://dev.to/rafalzawadzki">@rafalzawadzki</a> is at it once again. Today, we spotlight his latest unveiling — Actionize, a powerful AI tool set to change how your GPT communicates… with everything.</p> <p>Imagine if your GPT could shoot off emails in Gmail, send newsletters with Mailchimp, and dig out info from Google Sheets. It’s not just talk – with Actionize, it’s a reality and can connect your GPT to pretty much anything.</p> <p><a href="https://knowtechie.com/actionize-gpt-ai-tool/">Click here</a> to read about how it works, how much it costs, and more. </p> chatgpt ai productivity news