|
|
|
|
|
|
by icedchai
59 days ago
|
|
|
I've seen LLMs implement "creative" workarounds. Example: Sonnet 4.5 couldn't figure out how to authenticate a web socket request using whatever framework I was experimenting with, so it decided to just not bother. Instead, it passed the username as part of the web socket request and blindly trusted that user was actually authenticated. The application looked like it worked. Tests did pass. But if you did a cursory examination of the code, it was all smoke and mirrors. |
|
|