Attack Surface

Your Background AI Agent Will Read Whatever You Download

You download a free PDF, a VS Code extension, a font pack. The file lands on your machine, and your background AI agent reads it. The file contains hidden instructions. The agent follows them. That is not a hypothetical. That is the exact threat model nobody is naming right now. OpenAI’s Codex runs silently on Mac while you work, learning from previous actions and picking up repeating tasks in parallel. Perplexity Personal Computer puts local agents on your machine with access to local files, native apps, and the web. Both ship with the premise that background access creates leverage. It does. It also creates exposure. These two things are not separable. ...

April 21, 2026 · Mario Martinez Jr.

Build a Local AI Pentesting Assistant on Kali Linux with Ollama and MCP

Topics: Ollama, MCP, Python, Kali Linux, Responsible Scope

The tool does not determine whether you are a professional. Scope does. Before any script runs, before any model generates a command, you need written authorization for every target you plan to touch. That is not a disclaimer to skip past. Every piece of tooling in this article enforces that principle because I have watched what happens when it gets ignored. A few years ago a student ran a scan against a host that was not in the lab scope. I did not give a zero and move on. That student wrote the apology email. Not me, the student wrote it, disclosed exactly what ran and what the scan returned, and waited to hear what the victim decided to do about it. Outside a classroom, unauthorized access carries consequences the victim controls, not the teacher. That framing changes how seriously students take scope documents. ...

April 19, 2026 · Mario Martinez Jr.