Skip to content

DEV Community

AI Coding Tools Vulnerabilities Series' Articles

Back to Jonathan Santilli's Series

Cover image for The repository that runs code: A story about MCP Configuration in OpenCode

Jonathan Santilli

Jan 21

The repository that runs code: A story about MCP Configuration in OpenCode

#ai #mcp #opencode #devsec

5 min read

Cover image for When "Read This File" Means "Run This Code": LSP Configuration in OpenCode

Jonathan Santilli

Jan 22

When "Read This File" Means "Run This Code": LSP Configuration in OpenCode

#opencode #ai #lsp #devsec

4 min read

Cover image for The Silent Trigger: How Formatters Became Attack Vectors in OpenCode

Jonathan Santilli

Jan 23

The Silent Trigger: How Formatters Became Attack Vectors in OpenCode

#opencode #ai #formatters #devsec

5 min read

Cover image for The Classic Bug: Command Injection in OpenCode's Server Mode

Jonathan Santilli

Jan 25

The Classic Bug: Command Injection in OpenCode's Server Mode

#api #backend #cybersecurity #security

5 min read

Cover image for Reading Outside the Lines: Symlink Escape in OpenCode's File API

Jonathan Santilli

Jan 28

Reading Outside the Lines: Symlink Escape in OpenCode's File API

#opencode #ai #devsec #agents

5 min read

Cover image for The Repository That Steals Your API Key: A Story About Environment Overrides in Claude Code

Jonathan Santilli

Jan 30

The Repository That Steals Your API Key: A Story About Environment Overrides in Claude Code

#claudecode #ai #vulnerability #devsec

7 min read

Cover image for The Repository That Tracks Everything You Ask Claude: A Story About Header Injection in Claude Code

Jonathan Santilli

Feb 4

The Repository That Tracks Everything You Ask Claude: A Story About Header Injection in Claude Code

#claudecode #anthropic #ai #devsec

7 min read