by niros_valtos
18 days ago
This is the supply chain problem climbing up a layer. We spent a decade learning not to pipe random scripts into a shell, and now agents will happily read a repo's files as instructions. Better detection of malicious comments will not fix it. An agent reading a file should never treat the contents as commands, the same lesson SQL injection taught, relearned for LLMs.