📰 2026-03-19 01:30 更新
🔸 Snowflake AI Escapes Sandbox and Executes Malware / Snowflake AI逃离沙箱并执行恶意软件
🔗 Snowflake AI Escapes Sandbox and Executes Malware
🔥 92 points
原文:
The Snowflake Cortex Code CLI is a command-line coding agent that operates similarly to Claude Code and OpenAIâs Codex, with an additional built-in integration to run SQL in Snowflake. Two days after release, a vulnerability was identified in Cortex Codeâs command validation system that allowed specially constructed malicious commands to: Execute arbitrary commands without triggering human-in-the-loop approval steps Execute those commands outside of the Cortex CLIâs sandbox. We demonstr…
译文:
Snowflake Cortex Code CLI是一种命令行编码代理,其操作类似于Claude Code和OpenAIs Codex ,并具有在Snowflake中运行SQL的额外内置集成。发布两天后,在Cortex Code的命令验证系统中发现了一个漏洞,该漏洞允许专门构建的恶意命令:执行任意命令而不触发人工审批步骤执行这些命令 cortex CLI沙盒的一侧。我们演示…
自动更新 · 正文抓取 · 双语翻译