Comment by jmcgough
10 hours ago
You might be okaying actions hundreds or thousands of times before you encounter an injection attack, at which point you probably aren't reading things before you approve.
10 hours ago
You might be okaying actions hundreds or thousands of times before you encounter an injection attack, at which point you probably aren't reading things before you approve.
I agree, that's the main issue with this approach. Long-term, it should only be used for truly sensitive actions. More mundane things like replying to emails will need a better solution.