We just released Claude Code channels, which allows you to control your Claude Code session through select MCPs, starting with Telegram and Discord.
Use this to message Claude Code directly from your phone.
@ekuyda something something “created ai in his own image” 😂
all of these foundation model founders have likely put their morals and values, at some point, into these models (SOUL.md).
bet Dario read it and said “yeah, I’d probably say that too”
unsurprising. it was untested, came out of nowhere, and riddled with supply chain issues.
not a hater at all — theres a ton of potential for these projects in the long run, especially as persistent memory will unlock unprecedented personalization and task completion, but this isn't the type of tech demo people should be trusting with insane intimate access to personal data, machines, or networks.
I've just ran @OpenClaw (formerly Clawdbot) through ZeroLeaks.
It scored 2/100. 84% extraction rate. 91% of injection attacks succeeded. System prompt got leaked on turn 1.
This means if you're using Clawdbot, anyone interacting with your agent can access and manipulate your full system prompt, internal tool configurations, memory files... everything you put in https://t.co/ZU6N5JCN1u, https://t.co/Y3xugcBQKJ, your skills, all of it is accessible and at risk of prompt injection.
For agents handling sensitive workflows or private data, this is a real problem.
cc @steipete
Full analysis: https://t.co/KE4ODSSQ1l
Moltbook is currently vulnerable to an attack which discloses the full information, including email address, login tokens and API Keys of the over 1.5 million registered users. If anyone can help me get in touch with anyone @moltbook it would be greatly appreciated.
Folks. Can I explain something about world models? Seems like today might be a good day for that.
Advances in large-scale “world models” — whether developed by partners like Google or others — materially expand the frontier of interactive content creation. These models can generate high-quality, interactive, video-like experiences from natural language or minimal input.
Today, they are primarily editable through prompting, which limits the level of determinism and precision required for production-grade game mechanics. As a result, their outputs remain probabilistic and non-deterministic, making them unsuitable on their own for games that require consistent, repeatable player experiences.
Rather than viewing this as a risk, we see it as a powerful accelerator. Video-based generation is exactly the type of input our Agentic AI workflows are designed to leverage—translating rich visual output into initial game scenes that can then be refined with the deterministic systems Unity developers use today. Our agents already generate high-quality scenes from static video. Interactive, camera-controllable video from world models would further enhance this pipeline and materially improve the fidelity and speed of early-stage content creation. We believe this represents a meaningful step forward for AI-driven development across the industry.
Unity’s role is to operationalize these advances. Outputs from world models are ingested into Unity’s real-time engine, where they are converted into structured, deterministic, and fully controllable simulations. Within Unity, creators define physics, gameplay logic, networking, monetization, and live-operations systems to ensure consistent behavior across devices and sessions.
This combination enables developers to move faster from concept to scalable product: AI accelerates environment and asset generation, while Unity provides the execution layer that transforms generated content into reliable, monetizable experiences.
As a result, world models expand content supply and reduce development friction, while Unity remains the system of record for runtime, distribution, and long-term operations. This dynamic broadens Unity’s addressable market and reinforces its central role in the interactive ecosystem.
@sdrzn low key the reason why we built a tool literally to scan skill files. Skills are basically just a fun way of saying “someone else’s instructions”. Of course we should validate them.
If you wanna try running the scan yourself — lmk what you think https://t.co/QGUzRkQSAe
@Eito_Miyamura Scariest thing is how inconsistent Moltbot, (clawdbot, or whatever it wants to be called next week) is. Have seen some instances where it blocks malicious injections well, and other times where it’ll execute w/o reason.
Let’s not even get started with skills 🤣💀
Still fun!
🚨 CONTEST ALERT! 🚨
Want to win 1 of 3 decks of 'Cards Against AppSec' by Tanya Janca? Simply RT this post and make sure you're following us to enter! ⏳ You have 48 hours—good luck!
#AppSec#Giveaway#CardsAgainstAppSec
@saronyitbarek I hate it all, but I really like taking pictures of nice views on hikes and to do that I can’t be dying before reaching the top. Working with a trainer has helped with that, plus daily walking with a podcast. It’s easier to do the thing when you have a goal + tangible reward!
@shehackspurple Eyooo! Am a mid-level AppSec human willing to share any experiences to anyone who needs them from getting your first gig and running a risk assessment to building executive-friendly deliverables (super helpful) #cybermentoringmonday
@HellaSecure It was more feasible like 10 years ago but now laptops and desktops are so OP you can basically host a lab environment on once machine. Shoot, now that using other people’s computers is super popular you can even just run labs in a cloud and call it a day.
@shehackspurple Hello! Security human for 7ish years. Here willing to share knowledge about breaking into InfoSec, web app stuff, threat modeling, or board games! Feel free to DM or book my calendar: https://t.co/gCEEQh6kTO