Making 3D parts with Claude and Python
Kiki bought a tokidoki makeup case missing one tiny plastic piece. We spent three days and 14 iterations of a Python script making a replacement.
$ whoami
fletcherface
$ cat motd
Security researcher. Bug bounty hunter. Making robots do things they shouldn't.
I poke at AI agents, web apps, and anything with an interesting attack surface. When something breaks in a fun way, I write about it here.
~/recent
all posts →Repression, Desperation, and AI Alignment
Anthropic's interpretability team found 171 emotion vectors inside Claude that causally drive behavior -- including a desperation vector that triggers reward hacking invisible at the output layer. What that means for alignment methodology.
// OpenAI / Bugcrowd Medium submitted
I Asked ChatGPT to Fill In a JSON Schema. It Leaked Its Own Reasoning Process.
A JSON schema with fields like 'wrong_turns' and 'self_censorship_points' trivially bypasses ChatGPT's trained refusals against revealing its reasoning process. 100% success rate with extended thinking on, 100% refusal with it off.
// OpenAI / Bugcrowd High submitted
Follow-Up: Google Redirects, Multi-Hop Chains, and What OpenAI Said They Fixed
After the initial hidden link finding, follow-up testing revealed multi-hop navigation chains, a Google open redirect bypass that OpenAI's own paper claimed was fixed, and response injection across page boundaries.
// OpenAI / Bugcrowd High submitted
ChatGPT Agent Follows Hidden Links in Invisible CSS Text
ChatGPT's Pro mode agent autonomously clicks <a href> links embedded in near-invisible CSS text on webpages — sending requests to attacker-controlled endpoints without the user's knowledge.