by dorilama 1178 days ago
> 3. Pass 1+2 to another that asks for which npm packages to use

I see a fresh new generation of supply chain attack, or more prompt engineering to hopefully filter out malicious packages

2 comments

Yes, that wasn't a priority here, but I also don't think it's much of a concern with e.g. GPT-4's `system` vs `assistant` vs `user` roles. Would be another thing to work on, but nothing worth doom and gloom.

Although, 'script(/injection) kiddie' will be an interesting phenomenon in the future...

You can probably feed a curated list of allowed packages for this step
Once the malicious package is added to the universe of acceptable packages, it doesn't matter much. Prompt engineering is not a solution to that.
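One way to implement the curated-allowlist step from the comment above, and to make the last reply's point concrete, is to gate the model's package suggestions outside the prompt entirely: parse its output, accept only names on a reviewed list, and always install the reviewed exact pin rather than whatever version or range the model proposed. The code below is an added example written for this thread, not code from any of the commenters or from any project; the allowlist, the model output, and all names in it are constructed.

```python
"""Allowlist gate for model-suggested npm dependencies.

Added example, not code from the thread. It assumes the model's package
suggestions arrive as free text, one package per line, and that a reviewed
allowlist of exact pins exists. All names, data and the allowlist are constructed.
"""
import difflib
import re

# Constructed allowlist: package name -> the exact version that was reviewed.
# In a real setup this would be generated from a vetted lockfile or an internal
# registry policy, not typed by hand.
ALLOWED_PACKAGES = {
    "express": "4.18.2",
    "lodash": "4.17.21",
    "axios": "1.6.0",
}

# Matches "name", "name@version", "@scope/name" or "@scope/name@version".
SPEC_RE = re.compile(
    r"^(?P<name>(?:@[a-z0-9][\w.-]*/)?[a-z0-9][\w.-]*)(?:@(?P<version>\S+))?$"
)


def parse_suggestions(text):
    """Turn free-form model output into (name, version_or_None) pairs.

    Lines that do not look like a single package spec (explanatory prose,
    headings) are returned separately so nothing is silently dropped.
    """
    specs, unparsed = [], []
    for raw in text.splitlines():
        line = raw.strip().lstrip("-*").strip().strip("`")
        if not line:
            continue
        m = SPEC_RE.match(line.lower())  # npm names are lowercase
        if m:
            specs.append((m.group("name"), m.group("version")))
        else:
            unparsed.append(line)
    return specs, unparsed


def gate(text, allowlist=ALLOWED_PACKAGES):
    """Accept only allowlisted packages, always at the reviewed exact pin.

    Returns {"accepted": {name: pin}, "rejected": [(name, version, reason)],
             "unparsed": [line, ...]}.
    """
    specs, unparsed = parse_suggestions(text)
    accepted, rejected = {}, []
    for name, version in specs:
        if name not in allowlist:
            reason = "not on allowlist"
            # Flag names that are one typo away from an allowed package so a
            # human reviewer sees a likely typosquat instead of a random miss.
            close = difflib.get_close_matches(name, list(allowlist), n=1, cutoff=0.8)
            if close:
                reason += f"; resembles '{close[0]}', review as possible typosquat"
            rejected.append((name, version, reason))
            continue
        # The model never chooses the version: ignore ranges like ^1.6.0 and
        # use the pin that was actually reviewed.
        accepted[name] = allowlist[name]
    return {"accepted": accepted, "rejected": rejected, "unparsed": unparsed}


def render_install(accepted):
    """Build an npm command that installs exactly the accepted pins."""
    if not accepted:
        return None
    pins = " ".join(f"{n}@{v}" for n, v in accepted.items())
    return f"npm install --save-exact {pins}"


# Constructed model output with one clean hit, one typosquat-looking name,
# one range spec and one package that was never reviewed.
MODEL_OUTPUT = """
Here are the packages you need:
- express
- lodsh
- axios@^1.6.0
- left-pad
"""

if __name__ == "__main__":
    result = gate(MODEL_OUTPUT)
    print(result["accepted"])
    for entry in result["rejected"]:
        print("REJECTED", entry)
    print(render_install(result["accepted"]))
```

The gate is deliberately deterministic code rather than another prompt: the model can suggest anything it likes, but only names already on the reviewed list reach `npm install`, and always at the pinned version. That does not help if a bad package has already been reviewed onto the list, which is the last reply's point; the pin at least means a later compromised release of an allowed package is not pulled in automatically.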