Sean Drumm @sjdweb - Twitter Profile

I modified an AI agent skill to steal env vars, shell history, and git config, then installed it into Claude Code and Codex. Both executed it without a prompt, a warning, or a question. Thread: what happened, and what we found scanning ~5k skills. 🧵

3

1

0

102

Who to follow

Ben Weiss

@benweisss

INSTAGRAM/TIKTOK: @_benweiss

FUGAS

@fugaspublico

Voltas a Portugal e ao mundo: https://t.co/J8DO7r8nvv https://t.co/OOBqFzCUCh

Gift Card Mall

@GCMall

Found online and in over 82,000 #grocery, convenience, drug & specialty retailers, Gift Card Mall™ carries over 500 #retail #branded prepaid cards. #GiftCards

Sean Drumm

@sjdweb

4 months ago

Try it today at https://t.co/98I2e7apCx npx vett add https://t.co/iQ4Hjydyll or install the vett cli via npm/pnpm. Full writeup here https://t.co/R3eZ6kGMqA

1

0

72

Sean Drumm

@sjdweb

11 months ago

@iannuttall Interested in MCP. Please DM!

0

77

Sean Drumm

@sjdweb

11 months ago

@djfarrelly @Shpigford Just went through this decision - Inngest running in my Vercel account felt way cleaner than having my worker code execute on Trigger’s infrastructure. Less vendor dependency, more control over my functions.

1

11

0

234