Comment by smaudet

6 hours ago

"The only solution is to lock every LLM query in the entire stack behind the same deterministic role-based access controls that determine resources available to the current user."

Exactly. The sooner people stop trying to replace code with LLMs, the better. The technology is fundamentally untrustworthy, and given that we do not understand it, impossible to secure.

Only extremely simple code audited by multiple human authors, with actual proof of functionality (not just testing) can be considered secure.