← Back to context

Comment by crote

10 hours ago

Why not?

If Ford puts a button in their car which blows it up when you press it, removing the button fixes the issue. If your LLM implementation is fundamentally insecure, you'll have a giant gaping security hole until you remove your LLM implementation.

The alternative is arguing that having the LLM is worth routinely leaking all your code and secrets and occasionally giving complete strangers full access over your repos. Somehow, I think that's going to be a hard sell.

Right, except the researchers are the ones that added the button, pressed it and now are upset at Ford, in your example.

GitHub agents don’t have access to unrelated private repos by default, nor respond to public issue comments by default. The researchers manually configured the agent to have access to unrelated private repos and also process untrusted public comments.