Hacker News

pryelluw, last Saturday at 4:29 PM

I’m still fixing SQL and DB command injection through APIs from juniors and now vibe coders. This just adds more work to do.

The ITT/TTI and TTS/STT have been particularly annoying to protect against. I don’t feel we’ve matured enough to have solid protections against such vectors yet.


Replies

wglb, last Saturday at 4:59 PM

Write a prompt that asks to detect SQL injection in each source code model. Or other security issues.
