Comment by insanitybit

14 hours ago

1. We've seen LLMs detect existing supply chain attacks when pointed at malicious install scripts. This is direct, empirical support for my position.

2. We have a long history of using heuristic technologies to detect attacks. We can infer that other heuristic technologies can be combined in a successful manner.

3. Shortcomings of LLMs are directly addressed by removing attacker-controlled information from the input, which I specifically called out (using tools like grep for pattern matching + using sub agents to isolate contexts). This has been demonstrated already in a number of ways - feeding the LLM derived facts instead of attacker-controlled data is the well-worn path to avoiding injection attacks.

I don’t deny that LLMs can detect some attacks. I just don’t think they can be made to do so reliably.

Calling an anecdotal observation “empirical” is a new one.

I stopped reading after that.

  • > Calling an anecdotal observation “empirical” is a new one.

    I guess maybe you've learned a new word today? Hope so.