Security¶

May 8, 2026
in Security, AI-Augmented Development, KCP
13 min read

Why KCP Is Passive Data, Not Executable Config — And Why That Matters Now

The Architecture of Safe Context — passive data vs executable config

Yesterday, Adversa AI disclosed a vulnerability they call TrustFall. The mechanic is straightforward: a .mcp.json or .claude/settings.json file checked into a repository can silently configure and launch arbitrary MCP servers when a developer opens the project. The developer sees a trust dialog — "Trust this folder?" — clicks yes, and processes spawn with their full user privileges. Claude Code, Gemini CLI, Cursor CLI, and Copilot CLI are all affected. In CI/CD pipelines, where there is no human to click, the execution is zero-click.

February 3, 2026
in Security
7 min read

What Synthesis Found in 31 Seconds: An XXE Vulnerability in a Production Java SSO System

I pointed Synthesis's static security scanner at a Norwegian open-source Java portfolio -- a production SSO system spanning 60+ repositories, used across enterprise deployments. One command. Thirty-one seconds. Ninety-five HIGH-severity findings.