logoalt Hacker News

angry_octettoday at 3:52 AM0 repliesview on HN

You can still build a system that isn't vulnerable by limiting the API the LLM can access. A process consuming untrusted comments for summarisation shouldn't have access to account private data, it should just deliver a summary report. Another process can them scan that and remove/disable links etc.