| ▲ | roywiggins 5 days ago |
| You still have to be pretty careful it doesn't have access to any API keys it could decide to exfiltrate... |
|
| ▲ | adastra22 5 days ago | parent [-] |
| How would it have access to API keys? You don’t put those in your git repo, do you? |
| |
| ▲ | jazzyjackson 5 days ago | parent [-] | | If the code can call a method that provides the API key, what would stop the LLM from calling the same code? How do you propose to let an LLM run tests that execute code that requires API without the LLM also being able to grab the key? | | |
| ▲ | adastra22 5 days ago | parent [-] | | I don’t give it access to calls requiring API keys in the first place. This is just good dev environment stuff. Have locally hosted substitutes for everything. Run it all in docker. |
|
|
