Comment by sublinear

How long until someone finds a way to maliciously SEO-ify these tools and cause remote code execution incidents? Is it less malicious if the script only does marketing things instead of more serious harm?

What safeguards are in place to sanitize the output of copilot? I ask this because of course a more experienced user might do that sanitization or sandbox testing themselves, but they probably wouldn't get much use out of copilot in the first place.