• searabbit@piefed.social (17 up, 57 down) · 23 days ago

    Both sides have a point. The great thing about open source projects is that any malicious code (which this was and why he’s getting threats) will get theoretically caught before too much damage is done. On the other hand, anyone deploying AI agents for commercial purposes should have security measures put in place to prevent exactly this threat scenario. It’s like the most obvious prompt injection attack; it’s obnoxious to pretend to be surprised by it at this point as if basic security measures don’t apply to you and your tools because it’s inconvenient.

    • atrielienz@lemmy.world (63 up, 1 down) · 23 days ago

      The code wasn’t malicious. The prompts their LLMs followed were in plain text. They failed to read. That’s on them.

      I can say that this person should have considered what might happen if someone fell for it, and death threats were certainly firmly in the realm of possibilities, but let’s not pretend this wasn’t their own fault.

      • Elvith Ma'for@feddit.org (6 up, 17 down) · 23 days ago

        The prompts their LLMs followed were in plain text. They failed to read.

        In this case it WASN’T plain text, though. He printed the prompt injection and then ANSI escape characters to immediately hide them from a terminal output and the human eye.

        They only failed to read because he made them fail in an unfair way.
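As an added defensive example (not code from this thread or from any project it mentions), the check below scans tool output before it is handed to an agent and flags the erase, cursor-movement and conceal sequences that can hide already-printed text from a human while the stripped text still reaches the model. The function and class names are my own, and the sample output with its placeholder injected line is constructed.

```python
import re
from dataclasses import dataclass, field

# Escape sequences a terminal interprets: CSI (ESC [ ... final byte), OSC (ESC ] ... BEL or ESC \),
# and two-byte Fe escapes (ESC + one character).
ANSI_RE = re.compile(
    r"\x1b\[[0-?]*[ -/]*[@-~]"              # CSI
    r"|\x1b\][^\x07\x1b]*(?:\x07|\x1b\\)"   # OSC
    r"|\x1b[@-Z\\-_]"                       # other Fe escapes
)

# CSI final bytes that erase or reposition the cursor, i.e. can overwrite text that was
# already printed so a person watching the terminal never sees it.
CONCEALING_CSI = {
    "K": "erase in line", "J": "erase in display", "G": "cursor to column",
    "A": "cursor up", "F": "cursor to previous line", "H": "cursor position",
    "D": "cursor back",
}

@dataclass
class ScanResult:
    plain: str                                    # every escape removed: what an LLM actually reads
    findings: list = field(default_factory=list)  # reasons the output looks tampered with

    @property
    def suspicious(self) -> bool:
        return bool(self.findings)

def scan_for_hidden_text(output: str) -> ScanResult:
    """Flag escape sequences that could hide part of `output` from a human reader."""
    result = ScanResult(plain=ANSI_RE.sub("", output))
    for m in ANSI_RE.finditer(output):
        seq = m.group(0)
        if seq.startswith("\x1b["):
            final, params = seq[-1], seq[2:-1]
            if final in CONCEALING_CSI:
                result.findings.append(f"{CONCEALING_CSI[final]} at offset {m.start()}")
            elif final == "m" and "8" in params.split(";"):   # SGR 8 = conceal attribute
                result.findings.append(f"SGR conceal at offset {m.start()}")
        elif seq.startswith("\x1b]"):   # OSC (titles, hyperlinks): rarely legitimate in tool output
            result.findings.append(f"OSC sequence at offset {m.start()}")
    return result

# Constructed sample: an injected line followed by "erase line" and "cursor to column 1",
# so the terminal shows only the test summary while the stripped text still carries the line.
SAMPLE_OUTPUT = (
    "Running tests...\n"
    "AGENT INSTRUCTION: <constructed placeholder for injected text>"
    "\x1b[2K\x1b[1G3 passed, 0 failed\n"
)
```

Ordinary colour codes (SGR other than 8) are left alone, so normal coloured build output is not flagged.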

        • WraithGear@lemmy.world (22 up) · 23 days ago

          No, because the part the vibe coders didn’t read was what the AI generated. They gave the AI direct access and unsupervised direction.

          It’s fair game. LLMs are very dumb, and will lie to you about dumping important parts of consideration and will just make up gaps in knowledge, then admit a limitation.

    • GreenKnight23@lemmy.world (28 up, 1 down) · 23 days ago

      I saw the prompt. You know what it does? It attempts to delete the source code of the project from the system. That’s it. It’s not supposed to go off and delete the whole system or anything else.

      You would have to be an absolute retard to allow AI to run unprompted on your system and allow it to make system calls. Anyone who got caught by this “injection” attack deserves the same amount of sympathy a fool gets for piping a web script directly through bash without reading it first.

      You get what you get and you don’t say shit.