Hacker News new | ask | show | jobs
by ElectronShak 299 days ago
Maybe we need a CORS spec for llms?
1 comments
ec109685 299 days ago
The only safe CORS spec is CORS. Have to treat everything the LLM is doing as malicious.

It’s actually worse than that though. An LLM is like letting attacker controlled content on the page inject JavaScript back into the page.

link