Comment by ruduhudi
8 days ago
Oh good example
Claude recently tried to replace an HTML sanitizer with a custom regex that perfectly fit all our tests as well as the spec I wrote.
Agreed, you often dig into what it built and find something insanely over-engineered or something that doesn’t match the “style” of your existing code.
In this case that’s actually a security vulnerability. I’ve also seen a case where it built an API with auth but added a route where anyone could just PUT a new API key into it. Sometimes its own code review catches these, sometimes it does not.