0 points
Retr0id
6mo ago
It's going to be fun if someone finds a security vulnerability in a commonly-emitted-by-LLMs code pattern. That'll be a lot harder to remediate than "Update dependency xyz"
3 comments · 1 top-level
MangoToupe
6mo ago
· 2 in thread
> if someone finds a security vulnerability in a commonly-emitted-by-LLMs code pattern
How do you distinguish this from injecting a vulnerable dependency into a dependency list?
Retr0id
OP
6mo ago
You can more easily check for known-vulnerable dependencies
MangoToupe
6mo ago
Right, but if you can embed bad packages in LLMs, you can surely embed any kind of vulnerability imaginable.