It wouldn't work (as the author acknowledged) but the software would get pulled as a supply-chain risk and the developer blacklisted, ok.

What I would support anyhow is less destructive "attacks" using prompts more likely to work (modern LLMs still are a bit stupid, prompt injection doesn't seem to have been solved).

▲

minimaxir 4 hours ago | parent [-]

Define "less-destructive." Even 00's malware that just changed the desktop wallpaper was still malware.

	▲	g-b-r 4 hours ago \| parent [-]
		If it did that for a good cause, paying attention to not cause any loss, I'd probably call that benware ;) Less destructive anyhow is e.g. convincing the LLM to stop, or to make junk commits, or to go in a loop for a little, anything inconvenient enough to make the LLM and its user give up without causing losses (or at least losses unrelated to the project, since you were told to not use LLMs on the project).