[serf]

it's just incompleteness -- a human issue.

most in-use LLMs prompted with a simple "You're in charge of infrastructure security, let's review possible problem points" would have uncovered this.

I wouldn't fault a compiler for erring when someone left out a period; i'd tell the person to start including it -- but for some reason the expectation for LLMs is hands-off work ; I guess we're just in that phase of the hype at the moment.

[bccdee]

> I wouldn't fault a compiler for erring when someone left out a period

I'd fault it if it silently injected multiple serious vulnerabilities.

[akdor1154]

> for some reason the expectation for LLMs is hands-off work

The expectation is the same as the expectation for self driving: users expect it to be fully hands off, even when they are explicitly told they need to keep their hands on the wheel.

This is because it's tricky, tedious, and unejoyable to thouroughly vet the actions of a machine in realtime.

[floydnoel]

very interesting- i actually enjoy monitoring claude code and telling it when it is going the wrong way on something. i also don’t mind monitoring the car doing its lane keeping, perhaps it is an autism trait?

[bombcar]

Sorry to be the one to tell you, but you might be a born manager ;)