I've heard stories lately of open source projects being inundated with vulnerability reports and PRs. But in this case, it seems like AI assistance was clearly a boon for root-causing and reporting this so quickly.
Yes, in this case. Chances are in the future others will be missed despite being reported, because the maintainers are either inundated or tired of all the other reports and can’t distinguish the real one.
I don't expect one. This kind of attack is pretty common nowadays. The xz attack was special for how long the guy worked for it and how severe it could have been.
Seems that the GitHub account of one of the maintainers has been fully compromised. They closed the GitHub issue for this problem. And all their personal repos have been edited to say "teampcp owns BerriAI". Here's one example: https://github.com/krrishdholakia/blackjack_python/commit/8f...
I'm curious what the verification and proof stages offer beyond automated PR checks. The verification example looks rather standard.
To me, the biggest bottleneck is the fact that automated checks don't catch everything. I still need to read through the code myself before I trust it.
E.g., understanding the code probably takes 30-200% of the effort of writing it!
It does seem to do something though about the situation where, occasionally, an AI just goes and vandalizes 3000 lines of code across your whole code base.
I'm curious what it would mean to align the interests of an AI agent with a natural ecosystem. Alignment to human values is still an unsolved problem. Alignment to an ecosystem has a lot of the same challenges as alignment to human values, like balancing diverse and often conflicting interests (what's good for a rabbit might be bad for a fox). But it has its own challenges, like lack of data.
You can add a hook to your Claude Code settings to find and stop Docker containers. But it's risky since it might stop containers being used by another CC session.
Another option is to manually clean up Docker containers periodically, for instance by searching for all containers using a particular image:
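As an added example (not the commenter's own code), a small POSIX sh helper that limits the cleanup to containers of one image that also carry your own session label, which avoids stopping containers that belong to another Claude Code session; the `cc.session` label and the `CC_SESSION` variable are this example's own convention, not something the page or the tool defines.

```shell
#!/bin/sh
# Added example: stop only the containers of a given image that were started
# by the current session. Assumes sandbox containers are started with
# `--label cc.session="$CC_SESSION"` (a convention chosen for this example).

# Produce one line per running container: "<id> <image> <session-label>".
# The label column is empty for containers started without the label.
docker_list() {
    docker ps --format '{{.ID}} {{.Image}} {{.Label "cc.session"}}'
}

# Pure filter over docker_list output: prints the IDs whose image matches $1
# and whose cc.session label equals $2. Untagged containers and containers
# tagged with a different session are left alone.
select_stoppable() {
    image="$1"
    session="$2"
    while read -r id img label; do
        [ "$img" = "$image" ] || continue
        [ -n "$label" ] && [ "$label" = "$session" ] || continue
        printf '%s\n' "$id"
    done
}

# Stop every container selected for this image and session, one by one
# (a plain loop instead of xargs -r, so it stays POSIX).
cleanup_session_containers() {
    image="$1"
    session="${2:-$CC_SESSION}"
    docker_list | select_stoppable "$image" "$session" | while read -r id; do
        docker stop "$id"
    done
}

# Usage: ./cleanup.sh <image> [session-id]
if [ $# -ge 1 ]; then
    cleanup_session_containers "$@"
fi
```

Without a session label on the containers nothing is ever stopped, which is the safe default here.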
I definitely see a lot of these anti-patterns in the code that CC writes. Many of these can be caught at the time the code is written without needing to wait for a PR review. To me, it seems like most of these instructions belong in CLAUDE.md instead of or in addition to a specialized review skill. Are there things in the review skill that don't belong in CLAUDE.md?
Fair point. I think they should ALSO be in your CLAUDE.md. Doing Claude reviews with the exact same instructions still makes sense because the PR itself is often a co-production between AI and the human who gives the instructions (and in the coding process the agent might be more sycophantic toward the user's ideas). Additionally, when writing code, Claude is more focused on writing code that works and puts a lot of your repo into context, while during reviewing it pays more attention to these guidelines.