> The GitHub README example mentioned earlier is exactly this case; any input scanning applied to web pages needs to be applied to network-enabled tool results with the same rigor.
> Claude Cowork's answer to agent identity is concrete: credentials stay in the host keychain, the VM gets a per-session scoped-down token, and that token can be revoked independently of the user's.
Honestly, for sifting LLM from human the article shows exactly the problem: colleagues have begun to talk like Claude in everyday interaction.*
To be fair, it's worth wading through the phraseology to understand the perspective of the article's prompters.
But there are so many cliché constructs it's distracting:
> The GitHub README example mentioned earlier is exactly this case; any input scanning applied to web pages needs to be applied to network-enabled tool results with the same rigor.
> Claude Cowork's answer to agent identity is concrete: credentials stay in the host keychain, the VM gets a per-session scoped-down token, and that token can be revoked independently of the user's.
Honestly, for sifting LLM from human the article shows exactly the problem: colleagues have begun to talk like Claude in everyday interaction.*
* and not deliberately as here