All topics

case-study

1 piece of writing

I found SQL injection in Hugging Face's AI skills framework and got it fixed in nine days
vulnerability7 min read

I found SQL injection in Hugging Face's AI skills framework and got it fixed in nine days

An audit of Hugging Face's skills repository found five SQL injection vectors in a single file. The fix was merged in nine days.