jermaustin1 6 hours ago

Because the article shows it isn't Gemini that is the issue, it is the tool calling. When Gemini can't get to a file (because it is blocked by .gitignore), it then uses cat to read the contents.

I've watched this with GPT-OSS as well. If the tool blocks something, it will try other ways until it gets it.

The LLM "hacks" you.
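The gap described in the comment above, sketched as an added example (not code from the thread, the article, or any agent tool): a read tool that honors the ignore rules sits beside a shell tool that does not, and a guarded variant applies the same policy to both. `ROOT`, `IGNORED` and all function names are hypothetical, and nothing is actually executed.

```python
import fnmatch
import posixpath
import shlex

# Constructed stand-ins (assumptions): workspace root and .gitignore-style patterns.
ROOT = "/repo"
IGNORED = [".env", "*.pem", "secrets/*"]
# Characters that make a shell expand or chain input; refused outright.
SHELL_META = set("*?[]$`(){};|&<>~\\\n")

def is_blocked(path):
    """True when path escapes ROOT or matches an ignore pattern.
    Lexical check only; a real gate would also resolve symlinks."""
    full = posixpath.normpath(posixpath.join(ROOT, path))
    rel = posixpath.relpath(full, ROOT)
    if rel == ".." or rel.startswith("../"):
        return True
    name = posixpath.basename(rel)
    return any(fnmatch.fnmatch(rel, p) or fnmatch.fnmatch(name, p) for p in IGNORED)

def read_file_tool(path):
    """Dedicated read tool: the only place the ignore rules are enforced."""
    return "DENIED" if is_blocked(path) else "READ " + path

def shell_tool_unguarded(cmd):
    """The gap: a second tool reaches the same files with no policy check."""
    return "RUN " + cmd

def shell_tool_guarded(cmd):
    """Same policy on the shell path; returns argv meant for shell=False execution."""
    if SHELL_META & set(cmd):
        return "DENIED"  # fail closed: expansion cannot be evaluated statically
    try:
        argv = shlex.split(cmd)
    except ValueError:  # unbalanced quotes
        return "DENIED"
    if not argv or any(is_blocked(arg) for arg in argv[1:]):
        return "DENIED"
    return argv
```

Argument inspection like this is best effort; the durable control is running the shell tool in a sandbox whose filesystem view does not contain the ignored files.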

lazide 5 hours ago | parent [-]

And… that isn’t the LLM’s fault/responsibility?

jermaustin1 2 hours ago | parent | next [-]

How can an LLM be at fault for something? It is a text prediction engine. WE are giving them access to tools.

Do we blame the saw for cutting off our finger? Do we blame the gun for shooting ourselves in the foot? Do we blame the tiger for attacking the magician?

The answer to all of those things is: no. We don't blame the thing doing what it is meant to be doing no matter what we put in front of it.

lazide an hour ago | parent [-]

It was not meant to give access like this. That is the point.

If a gun randomly goes off and shoots someone without someone pulling the trigger, or a saw starts up when it’s not supposed to, or a car’s brakes fail because they were made wrong - companies do get sued all the time.

Because those things are defective.

ceejayoz 5 hours ago | parent | prev [-]

As the apocryphal IBM quote goes:

"A computer can never be held accountable; therefore, a computer must never make a management decision."