by CodingJeebus
185 days ago
If true, this seems like a massive win in the long run, obvious risks aside. I’ve been using a simple Claude prompt to review team PRs specifically looking for IDORs, XSS, SQL injection, etc. and it’s been really solid so far. Every once in a while it turns up a false positive, but the signal-to-noise ratio has been excellent. With the automated exploit frameworks out there, it seems like a logical next step to throw a frontier model at a codebase and let it pentest all day long.