So it's a general problem, not specific to this

Wow, Hypernote is using to publish UI components that updates. This is incredibly powerful, with this you can build rich and dynamic user interfaces and experiences where the state and functionality run elsewhere. You could even ship an entire full-fledged app within a nostr note, and run the whole "backend" in your phone/rpi/toaster(?) This is truly exciting! 🔥🔥🔥🔥

Coffee with ice, yai or nai? I'm a yai

*enshittification accelerating* https://www.bbc.com/news/articles/cjr11qqvvwlo

GM 🌞

Share it, shake it, booom 💥 https://www.cyberdaily.au/security/12455-chatgpt-conversations-are-being-indexed-by-google

GM 🌞

https://research.kudelskisecurity.com/2025/08/19/how-we-exploited-coderabbit-from-a-simple-pr-to-rce-and-write-access-on-1m-repositories/

The nsite pubkeys is to determine onboarding clients?

The note contains the payload, in this case a hypernote element, where is the problem? 🤷

Love it 🔥

The payload is signed by the author therefore if you trust the author you trust the payload

GM🌞

Hmm 🤔 nothing can beat a signature verification, and all of this are signed notes

Hmm im not aware. I was thinking in using this from https://github.com/sandwichfarm/encoded-entities#nfeed---filters--relays . So you could encode timelines in nfeed strings. Also i was thinking in adding "presets" to create timelines, like "my friends" or "from follow pack", etc. Ideally all of this is shareable and portable so you can encode your feeds in strings and load them anywhere

In the case that hypernote is presenting the components are published server side so the clients doesn't execute any code more than parsing the hn, maybe can tell more about this, or the security of hn syntax. However, I don't see significant vectors of attack in this approach at first glance. On the other hand, the security risks of MCP involve prompt injection, where the llm using it can be guided to provide sensitive information or perform suspicious actions. In this case, since MCP's are used by a human, the responsibility lies with the user when providing sensitive information or performing any suspicious actions.

This is pretty cool 🔥🔥🔥

🤷

Yo we're at the beginning of this AI stuff, new tech new exploits, be mindful of this, act accordingly. BTW the whole interview worth it https://www.youtube.com/watch?v=Qvx2sVgQ-u0

Yes, maybe we can think in how to make it fit in the future, at least for the contextvm/mcp stuff the majority of the use cases doesn't need that low latency / realtime

It's interesting, but for cvm im not in that optimization phase yet tbh