undefined | Better HN

0 pointsvolkk2mo ago0 comments

because some vulnerabilities are complex combinations of ideas and simply ingesting one file at a time isn't enough. and then the question is, well how many files, and which? and when trying to solve for that problem, then you're basically asking something intelligent on how to find a vulnerability

0 comments

2 comments · 1 top-level

ViewTrick10022mo ago· 1 in thread

Which is why it is an agent with the possibility to grep the repo, list files, say a scratch pad for experiments and so on?

The file is just the entry point. Everything about LLMs today are just context management.

volkkOP2mo ago

yeah but i think my point is that you need an intelligent model to combine the files in such a way that you could give the proper context for a cheaper/dumber model to potentially find exploits. if you have dumber models doing this, wouldn't you have a borderline infinite combination of ways to setup context before you end up finding something?

j / k navigate · click thread line to collapse