Sunday August 10, 2025

A lawyer advocates for the deceased to have the right to delete their digital data, a developer uses a browser setup with multiple free AI models to code efficiently, and researchers propose design patterns to secure LLM agents against prompt injection attacks.

News

My Lethal Trifecta talk at the Bay Area AI Security Meetup

The author gave a talk about prompt injection, a security vulnerability in AI systems, and the challenges of securing systems that use large language models (LLMs). The author coined the term "prompt injection" nearly three years ago to describe a type of attack where an attacker can manipulate the input to an LLM to extract sensitive information or execute malicious actions, and has since documented numerous instances of this type of attack against various AI systems.

How I code with AI on a budget/free

The author uses a browser setup with multiple tabs open to various free AI models, including OpenAI, Google Gemini AI Studio, and Poe.com, to get multiple perspectives and utilize free tiers of powerful AI models. They also use a tool called AI Code Prep to generate focused context for solving problems, which helps to avoid "dumbing down" the AI with unnecessary information and allows for more efficient and cost-effective use of AI models.

GPT-5: Overdue, overhyped and underwhelming. And that's not the worst of it

OpenAI's highly anticipated GPT-5 model was met with major disappointment and criticism after its debut, with many users pointing out ridiculous errors, hallucinations, and subpar performance, leading to a significant drop in OpenAI's credibility. The model's failure to deliver on its promises, despite being hyped as a potential AGI, has been seen as a letdown, with many experts and users expressing disappointment and confirming the lingering problems that have been pointed out by critics, including the model's struggles with following rules, visual comprehension, and common sense.

Let's properly analyze an AI article for once

The CEO of GitHub wrote a blog post called "Developers Reinvented" that has been criticized for its poor reasoning and logical leaps, with the author of this text arguing that it contains some of the worst examples of flawed reasoning they've seen in years. The post's use of statistics and evidence is also called into question: the author points out that the sample size of a cited study is only 22 people, which is not statistically representative, and that the study's methodology is unclear and potentially biased.

The dead need right to delete their data so they can't be AI-ified, lawyer says

A lawyer, Victoria Haneman, is arguing that the deceased should have the right to delete their digital data to prevent it from being used to create AI simulations of them after they're gone. Haneman believes that US law should provide a limited right to digital deletion for the estates of the deceased, similar to the "right to be forgotten" in Europe, to protect against the exploitation of digital remains.

Research

Design Patterns for Securing LLM Agents Against Prompt Injections

AI agents powered by Large Language Models are vulnerable to prompt injection attacks, which can be particularly dangerous when agents handle sensitive information or have tool access. To address this, researchers propose design patterns for building AI agents that are resistant to prompt injection attacks, analyzing their trade-offs and applicability through case studies.

R-Zero: Self-Evolving Reasoning LLM from Zero Data

Self-evolving Large Language Models (LLMs) can achieve super-intelligence through autonomous generation and refinement of their own experiences, but current methods rely on human-curated tasks and labels. The R-Zero framework overcomes this limitation by introducing a fully autonomous system where two models, a Challenger and a Solver, co-evolve and improve each other, resulting in significant boosts to reasoning capabilities across various benchmarks.

Agentic Web – Weaving the Next Web with AI Agents

The Agentic Web is a new phase of the internet characterized by autonomous, goal-driven interactions between AI agents, which can plan, coordinate, and execute complex tasks on behalf of users, enabling a more interactive and automated web experience. The paper presents a framework for understanding and building the Agentic Web along three key dimensions (intelligence, interaction, and economics) and discusses its potential applications, challenges, and research directions for developing open, secure, and intelligent ecosystems.

Expediting On-Device LLM Personalization via Explainable Model Selection

Personalization of Large Language Models (LLMs) on mobile devices is challenging due to limited compute power and insufficient personal data, but fine-tuning already personalized LLMs can help. The XPerT technique selects suitable pre-personalized LLMs and achieves significant improvements, reducing computation costs by 83% and improving data efficiency by 51% in experiments on various smartphones.

Arch-Router: Aligning LLM Routing with Human Preferences

Existing large language model routing approaches are limited by their reliance on benchmarks that don't capture human preferences and their selection from a limited pool of models. A new framework, Arch-Router, is proposed, which uses a compact 1.5B model to match queries to user-defined domains and action types, allowing for more flexible and transparent routing decisions that align with human preferences.

Code

GPT-5 System Prompt?

No summary is available for this entry: the repository's README could not be retrieved.

Show HN: Driftcop – Open-source CLI SAST for "MCP rug pull attacks in AI Agents"

DriftCop is a security platform designed to help developers and organizations identify, track, and mitigate security vulnerabilities in MCP server implementations, using a combination of a command-line security scanner and a web-based dashboard. The platform provides features such as real-time drift monitoring, attack-aware scanning, and actionable autopilot fixes to help prevent security breaches and ensure the integrity of MCP servers.

Kilo Code: Open-Source VS Code AI Agent - Merged Features from Roo Code and Cline

Kilo Code is an open-source VS Code AI agent that combines features from Roo Code and Cline, allowing users to generate code from natural language, automate tasks, and refactor existing code. It provides $20 in free credits for new users to get started with its supported AI models, including Claude 4 Sonnet and Opus and Gemini 2.5 Pro.

Anyclaude – Claude Code with Any LLM

Anyclaude is a command wrapper that allows users to work with Claude Code and various AI providers, including OpenAI, Google, and xAI, with a simple setup and support for multiple models. The tool uses the AI SDK to enable support for different providers and can be easily installed and used with a variety of models, including custom endpoints and Anthropic models.

Transform AI assistants from a helpful tool into a highly efficient developer

Sahin AI Rules is a comprehensive framework that transforms AI assistants into proactive, disciplined development partners by enforcing strict workflow compliance, systematic planning, and measurable outcomes. The framework solves common problems in traditional AI assistants, such as immediate action syndrome and testing negligence, through mandatory planning, smart context management, and a testing-first approach.