simonw 2 days ago

Running an LLM locally makes no difference at all to the threat of malicious instructions that make it into the model causing unwanted actions or exfiltrating data. If anything, a local LLM is more likely to have those problems because it's not as capable at detecting malicious tricks as a larger model.
tadfisher 2 days ago (parent)

This is the MCP problem, essentially, and the solution is the same: the user should review and approve specific actions before they are taken. Of course, there will probably be a setting to auto-approve everything...