lucideng | 28 days ago

For security (or anything else really), you can ask the LLMs to implement those features, but it is up to you to verify that they are implemented correctly. The OWASP Top 10 are a good place to start.

Don't just trust it. I've done websites as sample projects to work with LLMs to understand them better... and while sometimes brilliant, they can miss really obvious things. One time it did user login but never actually verified the password set for a user login.

Treat it like an intern/assistant, not a magical thing that does work for you. While sometimes brilliant, they can miss obvious things, especially if you don't hold its hand. Verify, verify, verify.

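The missing password check described in the comment above, as an added example that is not part of the original post: a flawed login next to a checked one, with negative tests that expose the difference. The function names, the PBKDF2 parameters and the sample user are assumptions constructed for illustration.

```python
import hashlib
import hmac
import os

def _hash(password: str, salt: bytes) -> bytes:
    # PBKDF2-HMAC-SHA256; the iteration count is an assumed value for this example.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def make_store(users: dict) -> dict:
    """Build a user store mapping username -> (salt, password hash)."""
    store = {}
    for name, password in users.items():
        salt = os.urandom(16)
        store[name] = (salt, _hash(password, salt))
    return store

def login_flawed(store, username, password):
    """The bug as described: the user is looked up, the password is never checked."""
    return username in store

def login_checked(store, username, password):
    """Recompute the hash from the submitted password and compare in constant time."""
    record = store.get(username)
    if record is None:
        return False
    salt, expected = record
    return hmac.compare_digest(_hash(password, salt), expected)

def audit_login(login, store, username, good_password):
    """Negative tests to run against any generated login function."""
    failures = []
    if not login(store, username, good_password):
        failures.append("rejects correct password")
    wrong = ("", good_password + "x", good_password[:-1], good_password.upper())
    for bad in wrong:
        if login(store, username, bad):
            failures.append(f"accepts wrong password {bad!r}")
    if login(store, "no-such-user", good_password):
        failures.append("accepts unknown user")
    return failures

# Constructed sample data.
GOOD = "correct horse battery staple"
STORE = make_store({"alice": GOOD})

if __name__ == "__main__":
    for fn in (login_flawed, login_checked):
        print(fn.__name__, audit_login(fn, STORE, "alice", GOOD) or "ok")
```

A happy-path test alone passes for both functions; only the wrong-password cases separate them.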