I Handed Claude Code the Keys. Turns Out I'm Not the Only One Using Them.
Two months ago I handed Claude Code the keys to a fresh VM and walked away to see what it would break. It broke a few things, and every one of them was mine to break -- my VM, my config, my time. I wr
blog.vertexops.org | 11 min read
Joel Horvath
Hey,
Great article. I especially liked your observation that the core problem isn't prompt injection itself—it's that agentic systems blur the line between data and commands while holding real privileges.
The way you tied together the supply-chain attack, Cursor vulnerability, and MCP issue under the same architectural pattern was genuinely thought-provoking.
I have one idea and I believe that your expertise is a very good fit for this. Would love to connect if you're open to it.