It wouldn't work (as the author acknowledged) but the software would get pulled as a supply-chain risk and the developer blacklisted, ok.
What I would support anyhow is less destructive "attacks" using prompts more likely to work (modern LLMs still are a bit stupid, prompt injection doesn't seem to have been solved).
Define "less-destructive." Even '00s malware that just changed the desktop wallpaper was still malware.