Manage agent skills with GitHub CLI - GitHub Changelog
Agent skills are reshaping how developers work with AI coding agents. Today we’re launching gh skill, a new command in the GitHub CLI that makes it easy to discover, install, manage, and publish agent skills from GitHub repositories. What are agent skills? Agent skills are portable sets of instructions, scripts, and resources that teach AI agents how to perform specific tasks. They follow the open
Package Managers Need to Cool Down
This post was requested by Seth Larson, who asked if I could do a breakdown of dependency cooldowns across package managers. His framing: all tools should support a globally-configurable exclude-newer-than=<relative duration> like 7d, to bring the response times for autonomous exploitation back into the realm of human intervention. When an attacker compromises a maintainer’s credentials or takes o
Understanding and Re-Creating the tj-actions/changed-files Supply Chain Attack
Understanding and Re-Creating the tj-actions/changed-files Supply Chain AttackAnother reason runtime security is so important, and patching ain't what it seems Update 3: Wiz research has published that the initial leak was actually due to an upstream workflow, reviewdog/actions-setup@v1. This attack was done with a local script instead of calling out to gist, but similarly printed tokens in job lo
1
リリース、障害情報などのサービスのお知らせ
最新の人気エントリーの配信
処理を実行中です
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
Laravel Lang Compromised with RCE Backdoor Across 700+ Versi...
Megalodon: Mass GitHub Repo Backdooring via CI Workflows
art-template npm Hijack Delivers iOS Browser Exploit Kit
https://x.com/i/status/2054231133089313031
