- cross-posted to:
- [email protected]
- [email protected]
- cross-posted to:
- [email protected]
- [email protected]
cross-posted from: https://infosec.pub/post/47200357
One critic called the move “petulance beyond measure.”
cross-posted from: https://infosec.pub/post/47200357
One critic called the move “petulance beyond measure.”
The code wasn’t malicious. The prompts their LLM’S followed were in plain text. They failed to read. That’s on them.
I can say that this person should have considered what might happen if someone fell for it, and death threats were certainly firmly in the realm of possibilities, but let’s not pretend this wasn’t their own fault.
In this case it WASN’T plain text, though. He printed the prompt injection and then ANSI escape characters to immediately hide them from a terminal output and the human eye.
They only failed to read because he made them fail in an unfair way.
no because the part the vibe coders didn’t read was what the ai generated. they gave the ai direct access and unsupervised direction
it’s fair game. LLM’s are very dumb, and will lie to you about dumping important parts of consideration and will just make up gaps in knowledge then admit a limitation.