Slacker News Slacker News logo featuring a lazy sloth with a folded newspaper hat
  • top
  • new
  • show
  • ask
  • jobs
Library
← Back to context

Comment by OutOfHere

2 days ago

Why do people still use others untrusted Actions, especially without hashes? Just have an LLM write whatever script you need to do it yourself using the necessary tools.

Granted, if the underlying CLI tool itself is compromised, then avoiding the associated Action won't help you.

0 comments

OutOfHere

Reply

No comments yet

Contribute on Hacker News ↗

Slacker News

Product

  • API Reference
  • Hacker News RSS
  • Source on GitHub

Community

  • Support Ukraine
  • Equal Justice Initiative
  • GiveWell Charities