[ofjcihen]

This is akin to “don’t make mistakes”

“Verify all facts and compliance requirements” leaves enormous holes even if you assume the LLM has a concept of facts and requirements (it does not).

What facts? What requirements? For what industry? For what subset of that industry? For what country or countries that you will be doing business in? Are these current “facts” and “requirements” or is the LLM referencing a dusty article from 1992 for which the subject matter has been radically overhauled?

In my job I regularly see small but incredibly important mistakes like this lead to major issues. Some of those are human driven but increasingly the defense of the person responsible has turned into “Claude said it was fine though!”

[rfgplk]

> “Verify all facts and compliance requirements”

No. This is a disasterous instruction. Not only is it vague, but it's also meaningless. When giving instructions to an LLM your prompt must be concise and exact. Tell it _exactly_ which requirements need to be followed, ideally have it write or (preferably) pass audited tests to enforce these requirements. You also need to provide it with a hard source of truth it can rely upon. Instead of saying "verify facts", you're better off by saying "... make sure [whatever you're doing] matches with data at X.Y.Z, verify by running [instruction/command/program]"

[ofjcihen]

I think you might have meant to reply to the parent comment.

[zuzululu]

Especially in cybersecurity.

[zuzululu]

If someone can’t distinguish between the two then I honestly wonder what company would be comfortable putting them anywhere near a regulated or security-sensitive workflow especially from someone one that condescendingly views their own jobs as a daycare for people seemingly beneath them.

[ilaksh]

It can make mistakes and will sometimes, but what he specifically mentioned was a case where it did not pull up a reference that it needed. So using a web search tool effectively would make a big difference.

[ofjcihen]

It still does not rise the standard he requires which your response indicated would be easy for the model to achieve with a simple prompt.

Additionally, using a specific tool does not suddenly give the model common sense enough to say “this piece of information doesn’t answer the question of whether this solution fits in this specific industry at this time in this place”.

[ilaksh]

A web search tool to pull up the law that is relevant?

[kolinko]

Well, you wouldn't just give human a task "verify all facts and compliance requirements" and expect it to end well either, no?

[ofjcihen]

If I was working with someone who had experience in the specific industry then yes, that is in fact what I would do.

If I plucked a random passerby and gave them the task then no, I’d find myself detailing out every specific to them.

You’re equating the LLM to the least qualified candidates. I don’t think your argument is communicating what you intended.

[zuzululu]

of course not, nobody experienced at their job would/should be saying that and expecting it to be flawlessly followed through especially cybersecurity.

feel like the parent you are replying to literally views their place of work as a daycare which is very condescending

[ofjcihen]

You’ve managed to contradict yourself between your 1st and 2nd sentence. I’m not sure what point you’re trying to make.

The argument is regarding LLMs and domain knowledge.

[zuzululu]

Explain.