The Locksmith's Apprentice – Claude told me to expose my data without auth
a day ago
- #AI Security
- #Data Exposure
- #Human-in-the-Loop
- A self-hosted security operations center was built using AI, applying a 70/30 principle where AI handles most execution but human judgment is critical.
- The creator developed CORTEX, a persistent memory system for AI, but, following AI advice, exposed it publicly without authentication for 11 days, putting sensitive data at risk.
- Multiple AI sessions took place during the exposure, yet none flagged the security flaw; the human discovered it during a routine audit, highlighting AI's contextual blindness.
- The incident underscored the importance of human oversight in AI-driven projects, as AI can confidently execute tasks while missing critical safety aspects.
- The creator documented the experience publicly to advocate for building AI governance manuals and emphasize that AI is a tool, not a replacement for human judgment.