by e9a8a0b3aded
340 days ago
I wouldn't wrap it with any additional prompting. I believe that this is a "fail fast" situation, and adding prompting around it only encourages bad practices. Giving an LLM access to a tool that has privileged access to some system is no different than providing a user access to a REST API that has privileged access to a system. This is a lesson that should already be deeply ingrained. Just because it isn't a web frontend + backend API doesn't absolve the dev of their auth responsibilities. It isn't a prompt injection problem; it is a security boundary problem. The fine-grained token level permissions should be sufficient.
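The boundary the comment describes, as an added example that is not part of the thread: a tool dispatcher that authorizes each model-requested call against the caller's token scopes, the same way a REST backend checks a bearer token. The `Token`, `Tool` and `dispatch` names and the two sample tools are assumptions constructed for the illustration; the model's text is never consulted for authorization, so an injected request for a privileged tool is denied regardless of how it was phrased.

```python
"""Enforce tool authorization at the boundary, not in the prompt.

Added example, not code from the thread. Assumes a toy token carrying a set of
scopes; the dispatcher checks scopes before running a tool, so a prompt-injected
request for a privileged tool is rejected no matter what the model said.
"""
from dataclasses import dataclass, field
from typing import Any, Callable


class Forbidden(Exception):
    """Raised when the token lacks the scope a tool requires."""


@dataclass(frozen=True)
class Token:
    subject: str
    scopes: frozenset = field(default_factory=frozenset)


@dataclass(frozen=True)
class Tool:
    name: str
    required_scope: str
    func: Callable[..., Any]


# Constructed sample tools with deliberately different privilege levels.
TOOLS = {
    "search_docs": Tool("search_docs", "docs:read", lambda q: f"results for {q!r}"),
    "delete_user": Tool("delete_user", "users:admin", lambda uid: f"deleted {uid}"),
}


def dispatch(token: Token, call: dict) -> Any:
    """Run a model-requested tool call only if the token carries its scope.

    `call` is the structured tool request emitted by the model, e.g.
    {"name": "delete_user", "args": {"uid": "42"}}. Only the token decides.
    """
    tool = TOOLS.get(call.get("name", ""))
    if tool is None:
        raise KeyError(f"unknown tool {call.get('name')!r}")
    if tool.required_scope not in token.scopes:
        # Fail fast: deny and surface the denial; do not re-prompt the model.
        raise Forbidden(f"{token.subject} lacks {tool.required_scope} for {tool.name}")
    return tool.func(**call.get("args", {}))
```

A real deployment would mint the token per user session from the existing identity provider and log every denial, so an injected model output shows up as an authorization failure in the same place as any other unauthorized API call.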