Comment by TeMPOraL

2 days ago

Indeed. But ironically, this is exactly the position most people propose to take with MCPs.

From the POV of the service, prompt injections are immaterial - the LLM is acting on behalf of the user, so as long as it's limited to the same actions/privileges the actual user has, it's really not the job of the service to police what the LLM does. It's the user's choice to delegate to an LLM instead of doing something themselves.