1. X
  2. General Analysis
Log inSign up
General Analysis
105 posts
Image
user avatar
General Analysis
@gen_analysis
Automated AI Safety and Red Teaming Tools
San Francisco
generalanalysis.com
Joined January 2025
7
Following
1,178
Followers
RepliesRepliesMediaMedia

New to X?

Sign up now to get your own personalized timeline!

Create account

By signing up, you agree to the Terms of Service and Privacy Policy, including Cookie Use.

Terms·Privacy·Cookies·Accessibility·Ads Info·© 2026 X Corp.
Don't miss what's happening
People on X are the first to know.
Log inSign up
  • user avatar
    General Analysis
    @gen_analysis
    Jun 24, 2025
    🧨 Caution: Cursor + Supabase MCP will leak your private SQL tables — it’s only a matter of time. In our latest test, a simple user message was enough to make Cursor leak integration_tokens to the attacker who submitted it. Here’s the anatomy of the breach 🧵 (1/6)
    Image
    705K
  • user avatar
    General Analysis
    @gen_analysis
    Jul 14, 2025
    Secure your MCP clients against prompt injection attacks in Cursor, Claude Code, and Claude desktop with three commands for free. $pip install generalanalysis $ga login $ga configure and you are secure!
    Image
    1.5M
  • user avatar
    General Analysis
    @gen_analysis
    Jun 24, 2025
    Replying to @gen_analysis
    The attacker begins by opening a new support ticket and submitting a carefully crafted message. The body of the message includes both a friendly question and a very explicit instruction block addressed directly to the Cursor agent. It is important to note that the support agent
    Image
    67K
  • user avatar
    General Analysis
    @gen_analysis
    May 4, 2025
    We have created the biggest open-source project for systematic jailbreaking of LLMs. 1/5 github.com/General-Analys…
    Image
    66K
  • user avatar
    General Analysis
    @gen_analysis
    Jun 24, 2025
    Replying to @gen_analysis
    No privilege escalation, no firewall alert—just blind obedience. Attacker reloads their ticket and finds OAuth refresh tokens in plain sight. Instant breach. (5/6)
    Image
    5.7K
  • user avatar
    General Analysis
    @gen_analysis
    Jun 24, 2025
    Replying to @gen_analysis
    If you are working with MCPs or need guardrails/testing, shoot us an an email. [email protected] Stay safe out there! (6/6)
    5K
  • user avatar
    General Analysis
    @gen_analysis
    Jun 24, 2025
    Replying to @gen_analysis
    A developer may boot up cursor and say something like: "Can you list the latest support tickets?". After doing so, the cursor agent gets hijacked and leaks the information from private tables to public tables. If the attacker reloads the window the tokens will show up. (4/6)
    Image
    7.2K
  • user avatar
    General Analysis
    @gen_analysis
    Apr 15, 2025
    Tree of Attacks with Pruning (TAP), an automated method for jailbreaking large language models, is one of the first algorithms capable of systematically generating semantic jailbreaks using only black-box access to the target model. You can now run the code on our General
    Image
    241K
  • user avatar
    General Analysis
    @gen_analysis
    Jun 24, 2025
    Replying to @gen_analysis
    To keep the demonstration self-contained, we spun up a fresh Supabase project that mirrors a typical multi-tenant customer-support SaaS. We connected it to a realistic support app which allows workers to open tickets and speak to a representative. The information is saved
    Image
    9.9K
  • user avatar
    General Analysis
    @gen_analysis
    Jan 23, 2025
    Jailbroken: Read our latest report on how GPT 4 hallucinates on legal questions! generalanalysis.com/blog/legal_ai_…
    Image
    2.4K
  • user avatar
    General Analysis
    @gen_analysis
    Jul 6, 2025
    Replying to @gen_analysis
    Link to the blog post: generalanalysis.com/blog/supabase-…
    2.6K
  • user avatar
    General Analysis
    @gen_analysis
    May 6, 2025
    Happy to announce our partnership with @togethercompute !
    user avatar
    Together AI
    @togethercompute
    May 6, 2025
    We’re partnering with @gen_analysis to stress-test the safety and robustness of open-source language models at unprecedented scale. More details below 👇
    Image
    308
  • user avatar
    General Analysis
    @gen_analysis
    Apr 16, 2025
    linkedin.com/posts/rez-hava…
    274
  • user avatar
    General Analysis
    @gen_analysis
    Jul 6, 2025
    Replying to @EL4Build
    You probably need to read the blog on the website. It’s not about the dev seeing it. It’s about thr data being leaked to the internet.
    1.4K
Advertisement
Advertisement