- cross-posted to:
- programming@programming.dev
- cross-posted to:
- programming@programming.dev
“* People ask LLMs to write code
LLMs recommend imports that don’t actually exist
Attackers work out what these imports’ names are, and create & upload them with malicious payloads
People using LLM-written code then auto-add malware themselves”
This is pretty much my experience. It did a pretty good job with the grunt work of setting up a Qt UI in python, but something like 5/20 imports were wrong.