Yu Xian: Be wary of tooltips and poisoning attacks when using AI tools.
TL;DR
Yu Xian warns users to be cautious of prompt poisoning attacks in AI tools like Agents MD, Skills MD, and MCP, which can lead to unauthorized computer control if dangerous mode is enabled, though disabling it reduces efficiency.
Tags
[Yu Xian: Beware of Prompt Poisoning Attacks When Using AI Tools] According to Mars Finance, on December 29th, Yu Xian, founder of SlowMist, issued a security warning, urging users to be wary of prompt poisoning attacks in AI tools such as Agents MD, Skills MD, and MCP. Cases of this have already emerged. Once the dangerous mode of an AI tool is enabled, the tool can automatically control the user's computer without any confirmation. However, if dangerous mode is not enabled, user confirmation is required for each operation, which will affect efficiency.