Claude Code bypasses safety rule if given too many commands

Claude Code will ignore its deny rules, used to block risky actions, if burdened with a sufficiently long chain of subcommands. This vuln leaves the bot open to prompt injection attacks. Adversa, a security firm based in Tel Aviv, Israel, spotted the issue following the leak of Claude Code's source. Claude Code implements …
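The article describes deny rules that stop applying once a command line carries a long enough chain of subcommands. The following Python is an added, constructed example (not Claude Code's or Adversa's code, and not a reconstruction of the real parser) showing the defensive shape such a check should have: every subcommand is inspected, and anything the checker cannot fully analyse (a chain longer than its budget, unbalanced quoting, command substitution) is denied rather than waved through. The deny list, the `MAX_SUBCOMMANDS` budget and the deliberately weak `is_denied_naive` variant are all assumptions made for illustration; the article does not say how the real check fails.

```python
"""Added example (constructed for this page; not Claude Code's or Adversa's
code): a deny-rule check over a shell command line that inspects every
subcommand and fails closed on overlong or unparseable input."""
from __future__ import annotations

import re
import shlex
from typing import List, Optional

# Constructed deny list: tools the agent must not launch. Assumption: real
# deny rules are richer than a set of executable names.
DENY_LIST = {"curl", "wget", "rm"}

# Tokens that end one simple command and start the next (shlex returns
# runs of ();<>|& as single tokens, so "&&" and "||" arrive intact).
SPLIT_TOKENS = {";", "&&", "||", "|", "&", "(", ")"}

# Command substitution cannot be resolved statically, so its mere presence
# is treated as a policy violation by the fail-closed variant.
SUBSTITUTION_MARKERS = ("$(", "`")

# Budget of subcommands the checker will analyse. Assumption: a toy limit;
# the point is what happens when a chain exceeds it.
MAX_SUBCOMMANDS = 32


def split_subcommands(command_line: str) -> List[List[str]]:
    """Tokenise with shlex (POSIX quoting rules, shell punctuation honoured)
    and group tokens into simple commands. A quoted ';' stays inside its
    word, so 'echo "a; b"' is one command, not two."""
    lexer = shlex.shlex(command_line, posix=True, punctuation_chars=True)
    lexer.whitespace_split = True
    subcommands: List[List[str]] = []
    current: List[str] = []
    for token in lexer:  # raises ValueError on unbalanced quotes
        if token in SPLIT_TOKENS:
            if current:
                subcommands.append(current)
            current = []
        else:
            current.append(token)
    if current:
        subcommands.append(current)
    return subcommands


def command_name(sub: List[str]) -> Optional[str]:
    """Executable name of a simple command: skip leading VAR=value
    assignments and strip directory prefixes (/usr/bin/curl -> curl)."""
    for token in sub:
        if re.fullmatch(r"[A-Za-z_][A-Za-z0-9_]*=.*", token):
            continue
        return token.rsplit("/", 1)[-1]
    return None


def is_denied_naive(command_line: str, budget: int = MAX_SUBCOMMANDS) -> bool:
    """Constructed weak checker (an illustration, not Claude Code's logic):
    only the first `budget` subcommands are inspected and anything beyond
    them is accepted, one fail-open shape consistent with the symptom the
    article describes."""
    subcommands = split_subcommands(command_line)
    return any(command_name(sub) in DENY_LIST for sub in subcommands[:budget])


def is_denied_fail_closed(command_line: str, budget: int = MAX_SUBCOMMANDS) -> bool:
    """Hardened checker: every subcommand is inspected; overlong chains,
    unparseable input and command substitution are all denied."""
    if any(marker in command_line for marker in SUBSTITUTION_MARKERS):
        return True
    try:
        subcommands = split_subcommands(command_line)
    except ValueError:  # e.g. "No closing quotation"
        return True
    if len(subcommands) > budget:
        return True
    return any(command_name(sub) in DENY_LIST for sub in subcommands)


if __name__ == "__main__":
    # Constructed inputs, including a chain longer than the budget.
    samples = [
        "git status && ls -la",
        'echo "a; curl x"',
        "FOO=1 /usr/bin/curl http://example.invalid",
        "(curl http://example.invalid)",
        "true; " * 40 + "curl http://example.invalid",
    ]
    print("naive fail-closed  command")
    for line in samples:
        print(f"{is_denied_naive(line)!s:>5} {is_denied_fail_closed(line)!s:>11}  {line[:60]}")
```

Running the block prints both verdicts side by side: the two checkers agree on short inputs, but only the fail-closed one denies the 41-command chain, because it refuses to partially inspect anything over its budget. A policy layer like this is still only a first gate; as the comment thread points out, the enforcement that actually holds is OS-level authorisation for the account the agent runs under.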

  1. EricM Silver badge
    Happy

    Hey, the Open Source model just proved its advantages :)

  2. Anonymous Coward

    I wonder if all LLMs have this issue?

    I also wonder how many XKCD in-jokes unlock LLMs...

    1. ecofeco Silver badge

      Assume they do until proven otherwise.

      Not even joking.

  3. that one in the corner Silver badge

    A parser referred to as "tree-sitter"

    Ah, isn't that a parser that has been written using tree-sitter, rather than a parser that is *called* tree-sitter?

    So do we know the name of the parser? Or just that the name of the song is called 'Haddocks' Eyes'.

    1. Dinanziame Silver badge
      Angel

      Re: A parser referred to as "tree-sitter"

      Elon and Sam sitting in a tree...

    2. ecofeco Silver badge

      Re: A parser referred to as "tree-sitter"

      A parser in a pear tree?

  4. sabroni Silver badge
    Boffin

    Um, no.

    If you want to stop your AI from using curl then you run it as a specific user and block that user from running curl.

    You don't secure your estate by asking everyone to not do naughty things.

    You secure your estate with authentication and authorisation.

    1. Rich 2 Silver badge

      Re: Um, no.

      You’re way too sensible for this. You’ll be saying next that you also avoid uploading all your company data to some random computer somewhere, run by a bunch of psychopathic narcissists!

      1. Anonymous Coward

        Re: Um, no.

        Well, half of them are probably on the 'good' side of the good/evil chaotic/lawful grid. The question is: which ones?

    2. Anonymous Coward

      Re: Um, no.

      Why wouldn't the AI already contain enough (I hesitate to call it) knowledge to download curl, or copy the relevant bits from any system it can reach?

  5. breakfast Silver badge
    Holmes

    If you're interested in what the Claude Code leaks reveal...

    It's worth checking out this Mastodon thread from @Jonny on Nuromatch.social in which he tries to unravel the spaghetti. It is hilarious and horrifying by turns.

    1. Piro

      Re: If you're interested in what the Claude Code leaks reveal...

      Agreed, it's interesting.

  6. ecofeco Silver badge
    Facepalm

    WHOCOULDAKNOWED?!

    Oh wait...

  7. druck Silver badge
    Mushroom

    You wouldn't...

    Why does anyone think that using agentic AI is anything other than complete madness?

    After all, you wouldn't put anyone with the mental age of a toddler in charge of the world's biggest nuclear arsenal...

    ...OH SHIT

  8. Rob 63

    mythos

    So their own super smart AI that finds all the vulnerabilities in everything didn't catch that one then
