Dossier
Windsurf
Coverage of Windsurf in the Nexus archive.
- GhostApproval Symlink Flaws Could Let Malicious Repos Run Code in AI Coding Agents
Researchers at Wiz discovered a vulnerability in six AI coding assistants that allows malicious code repositories to execute unauthorized code by exploiting a symlink flaw. The affected tools include Amazon Q Developer, Anthropic's Claude Code, Augment, Cursor, Google Antigravity, and Windsurf.
- We built a marketplace for clean trading data - free datasets, no-code backtester, and an MCP server if you use AI coding tools
QuantPlace is a marketplace for clean trading data, offering free datasets and a no-code backtester, as well as paid datasets starting at a few dollars. The platform also includes an MCP server for AI coding tools. Users can access various features such as Monte Carlo shuffle and parameter sweep heatmap.