Remix.run Logo
kbart 4 hours ago

How do you know that they don't train their models or append your prompts to add backdoors, or compromise your supply chain by including evil dependencies? This seems hugely irresponsible.

embedding-shape 4 hours ago | parent | next [-]

> How do you know that they don't train their models or append your prompts to add backdoors, or compromise your supply chain by including evil dependencies?

I think most of these discussions aren't about irresponsible vibe-coders, as that whole thing is mostly a fun joke more than something serious. The rest of developers who use LLMs for development, review the code the agent writes, iterates and makes changes. Think more like pair-programming, than "Write me X then deploy to production".

I know Twitter makes it seem like everyone is doing vibe-coding and YOLOing podman images into production, but it's very uncommon in a serious/production environment to act like that. While a proper structure doesn't make it impossible for the LLMs to add backdoors either via dependencies or otherwise, but it sure makes it a lot harder.

Personally, LLMs are barely able to work alongside developers and not miss anything, I wouldn't be so worried about them being able to do normal work + malicious work at the same time, as they barely handle the first part properly yet.

flexagoon 4 hours ago | parent | prev [-]

> How do you know that they don't train their models or append your prompts to add backdoors, or compromise your supply chain by including evil dependencies?

I read the code.