furyofantares 2 hours ago
> The "lethal trifecta," as described by Simon Willison, is the combination of LLM agents, tool access, and long-term memory that together enable powerful but easily exploitable attack vectors.

This is a terrible description of the lethal trifecta; it lists 3 things but they are not the trifecta. The trifecta happens to be contained in the things listed in this (and other) examples but it's stated as if the trifecta is listed here, when it is not.

The trifecta is: access to your private data, exposure to untrusted content, and the ability to externally communicate. Web search as a tool for an LLM agent is both exposure to untrusted content and the ability to externally communicate.
empiko an hour ago
In my opinion, the trifecta can be reduced further to a simple statement: an attacker who can input into your LLM can control all its resources.
Kevcmk 16 minutes ago
This isn’t the trifecta. It’s:
* Untrusted input
* Privileged access
* Exfiltration vector
swyx 2 hours ago
yeah TFA gets it wrong. source: https://simonwillison.net/2025/Jun/16/the-lethal-trifecta/