> I'm kind of concerned for security things with LLM written apps - you can ask it to do things and it says yes, without really thinking if it's a good idea or not.

Well, right. If I'm using an LLM to create code, I'm going to use all my skill and experience to review and shape the code to standards I'm ok with.

But for people with extremely limited experience, LLMs offer a "create an app by talking!!" Zero understanding required. So they won't know to not leak user PII in JSON responses or have publicly writable endpoints, or to keep private keys for external services server side and outside of the code base, etc... Let alone anything more complex.