|
|
|
|
|
|
by ctmnt
116 days ago
|
|
|
It doesn't even have to change the code to get the secret. If you're using env variables to pass secrets in, they're available to any other process via `/proc/<pid>/environ` or `ps -p <pid> -Eww`. If your LLM can shell out, it can get your secrets. |
|
|