• Muffi@programming.dev
    link
    fedilink
    English
    arrow-up
    3
    ·
    7 hours ago

    Man, I am so glad I moved all my stuff to a local gitea instance. Microsoft really is the king of enshittification.

  • Marija_@programming.dev
    link
    fedilink
    English
    arrow-up
    1
    ·
    7 hours ago

    This is exactly why AI agents should have the least privilege possible. Convenience is great until it starts exposing things nobody intended.

  • OwOarchist@pawb.social
    link
    fedilink
    English
    arrow-up
    10
    ·
    15 hours ago

    You should never ever under any circumstances give an LLM access to any private information you wouldn’t want leaked to the general public.

    I don’t care what promises the company behind the LLM makes, just don’t do it.

  • Otter@lemmy.ca
    link
    fedilink
    English
    arrow-up
    2
    ·
    13 hours ago

    This sounds really bad for companies that have their repos on GitHub?

    They should probably fix that before they get hit with lawsuits after a large scale leak of proprietary code.

    • chuckleslord@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      ·
      8 hours ago

      What is there to fix? You can’t defeat these conversational exploits because this is what LLMs are. They’re statistical word predictors, they must, by their design parameters, be able to accommodate anything the user says because that’s how conversations work. Eventually, no matter the prompt fixing you do, the user will eventually be able to storytell their way into getting the bot to do what they want.

      • Otter@lemmy.ca
        link
        fedilink
        English
        arrow-up
        1
        ·
        7 hours ago

        Well fix as in, don’t give the LLM access to private repos in the first place.

        But that would require Microsoft to admit that they were wrong