by thedevilslawyer 65 days ago
1) This is not APT.

2) While injection has potential, this is fairly well mitigated. Look at Comet and others.

These are all whataboutisms coming from a place of fear.

2 comments

Pretty sure simonw's lethal trifecta [1] has not been "fairly well" mitigated.

[1] https://simonwillison.net/2025/Jun/16/the-lethal-trifecta/

Good thing we're not talking about an LLM then.

From the article: It's a side page agent that has only access to the page, and outputs content in text only, and awaits user confirmation on actions. It's all on the page. I guess it's a mono-fecta?

Then it's contained but depending on the user it can be a vector for a (para)-social engineering attack.

PS: It is Gemini based, that's an LLM.

No LLM model has enough mitigations to prevent injections.