Comment by zmmmmm
14 hours ago
i'm missing something basic here .... what does it actually do? It executes a prompt against a git repository. Fine - but then what? Where does the output go? How does it actually persist whatever the outcome of this prompt is?
Is this assuming you give it git commit permission and it just does that? Or it acts through MCP tools you enable?
MCP tools. We're doing some MCP bundling and giving it here, pretty cool stuff.
wasn't MCP a critical link in the recent litellm attack?
And if it was?
It's a bit like asking if "an API" was a critical link in some cybersec incident. Yes, it probably was, and?
4 replies →
We use to do do automated sec audits weekly on the code base and post the result on slack
so is slack posting an MCP tool it has? or a skill it just knows?
In Claude it is a "connector" which is essentially an mcp tool.