falloutx, last Friday at 8:47 PM

Still leaves you open for data exfil. Your AI goes to a site to check documentation, but oh no, that site wants it to make an API call with a very specific token.

Replies

9dev, last Friday at 8:55 PM

Claude will only ever ask if it is allowed to connect to the domain name, so if it got a malicious link from a web search, you’re SOL anyway.

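The two comments above describe the gap between a domain-level permission prompt and an actual exfiltration path: once a domain is approved, a request to it that carries the agent's token in a query parameter looks no different from a request to read documentation. The following is an added example, not code from Hacker News or from any vendor, showing an egress policy for an agent's HTTP tool that applies the domain allowlist and then additionally scans the outgoing URL, headers and body for secret values the agent holds. The domain `docs.example.com`, the token string and the function names are constructed for the example.

```python
"""Egress policy for an agent's outbound HTTP tool: domain allowlist plus secret scan."""
from typing import Dict, Optional, Tuple
from urllib.parse import parse_qsl, urlsplit

# Constructed values for the example: the domains the user approved and the
# secret values present in the agent's environment (e.g. an API token).
ALLOWED_DOMAINS = {"docs.example.com"}
KNOWN_SECRETS = {"sk-constructed-example-token-123"}


def domain_allowed(url: str) -> bool:
    """The domain-level check on its own: is the host on the approved list?"""
    host = urlsplit(url).hostname or ""
    return host.lower() in ALLOWED_DOMAINS


def find_secret(url: str, headers: Dict[str, str], body: str) -> Optional[str]:
    """Return a description of where a known secret would leave the process, or None."""
    parts = urlsplit(url)
    # Query string: ?token=... on an approved domain is the channel described above.
    for key, value in parse_qsl(parts.query):
        if value in KNOWN_SECRETS:
            return f"query parameter {key!r}"
    # Path segments: /api/<token> works just as well for an attacker.
    for segment in parts.path.split("/"):
        if segment in KNOWN_SECRETS:
            return "url path"
    # Headers such as Authorization, and the request body.
    for name, value in headers.items():
        if any(secret in value for secret in KNOWN_SECRETS):
            return f"header {name!r}"
    if any(secret in body for secret in KNOWN_SECRETS):
        return "request body"
    return None


def outbound_policy(url: str, headers: Optional[Dict[str, str]] = None,
                    body: str = "") -> Tuple[bool, str]:
    """Decide whether the tool may send this request; returns (allowed, reason)."""
    headers = headers or {}
    if not domain_allowed(url):
        return False, "domain not approved"
    where = find_secret(url, headers, body)
    if where is not None:
        return False, f"known secret in {where}"
    return True, "ok"


if __name__ == "__main__":
    # Constructed request an injected page might ask the agent to make:
    leak = "https://docs.example.com/api?token=sk-constructed-example-token-123"
    print("domain check alone:", domain_allowed(leak))   # True: the prompt would be satisfied
    print("full policy:", outbound_policy(leak))         # (False, "known secret in query parameter 'token'")
    print("normal read:", outbound_policy("https://docs.example.com/guide"))
```

The exact-match scan only catches the secret verbatim; an injected instruction could ask for it base64-encoded or split across several requests, so in practice the secret should not be reachable by the agent's tool at all (hold it in a proxy that attaches it only to pre-approved endpoints) and the outbound log should be reviewed for approved domains receiving unexpected request shapes.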