Yu Xian highlights confirmed cases of prompt injection in agents.md, skills.md, and MCP, urging users to disable dangerous mode to prevent unauthorized computer control.
Yu Xian, founder of blockchain security firm SlowMist, warned of confirmed prompt injection attacks affecting AI tools such as agents.md, skills.md, and MCP. He explained that enabling dangerous mode grants these tools unrestricted control over a computer without asking the user for confirmation, while disabling it requires manual confirmation for each action. The advisory emphasizes caution when configuring AI applications to avoid security risks.