| ▲ | kbart 4 hours ago | |
How do you know that they don't train their models or append your prompts to add backdoors, or compromise your supply chain by including evil dependencies? This seems hugely irresponsible. | ||
| ▲ | embedding-shape 4 hours ago | parent | next [-] | |
> How do you know that they don't train their models or append your prompts to add backdoors, or compromise your supply chain by including evil dependencies? I think most of these discussions aren't about irresponsible vibe-coders, as that whole thing is mostly a fun joke more than something serious. The rest of developers who use LLMs for development, review the code the agent writes, iterates and makes changes. Think more like pair-programming, than "Write me X then deploy to production". I know Twitter makes it seem like everyone is doing vibe-coding and YOLOing podman images into production, but it's very uncommon in a serious/production environment to act like that. While a proper structure doesn't make it impossible for the LLMs to add backdoors either via dependencies or otherwise, but it sure makes it a lot harder. Personally, LLMs are barely able to work alongside developers and not miss anything, I wouldn't be so worried about them being able to do normal work + malicious work at the same time, as they barely handle the first part properly yet. | ||
| ▲ | flexagoon 4 hours ago | parent | prev [-] | |
> How do you know that they don't train their models or append your prompts to add backdoors, or compromise your supply chain by including evil dependencies? I read the code. | ||