
cross-posted from: https://infosec.pub/post/47200357

One critic called the move “petulance beyond measure.”

[-] brucethemoose@lemmy.world 23 points 7 hours ago* (last edited 7 hours ago)

That it’s even an issue is a sign of how insanely insecure agent frameworks are.

Users don’t even do the most basic checks to (say) verify and clean bot actions, limit them, containerize them, anything. That’s “getting fired” unacceptable in pretty much any other field.

It’s also insane how susceptible the bots are to prompt injections. It’s not just that they’re dumb, or that they ignore licenses and dev requests, but that they’re trained to be sycophantic until they’re deep fried, without any pushback or sense of reason against obvious adversarial instructions.

[-] boonhet@sopuli.xyz 2 points 18 minutes ago* (last edited 16 minutes ago)

It's an issue of how insanely insecure giving an agent a blank check for everything is.

I've tested Claude Code, Codex and Mistral Vibe. They all prompt you for any writes or actions and any other tool calls that could be destructive, as well as any reads from outside of the current working directory scope. By default.

But then if you have to answer "yes" to everything you want to allow, you have to be at the keyboard! How horrible! Let's give the agent permission to do "bash *" and "python *" and "rm *" and....

I'm blaming this one on the users, not the frameworks. Anyone using such a tool should know that they're non-deterministic and giving them full access to everything can be incredibly destructive.

Incidentally, that's why we're not all completely replaced by non-technical people vibe coding entire applications just yet, even if Opus with xhigh/max thinking settings can outperform a lot of developers. It's because if you let a non-technical person give all this power to an agent or even just hit yes without reading the commands being prompted for, it's gonna bite the entire company in the ass hard.
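
The permission model the comment above describes (reads inside the working directory run silently, everything else prompts, and an allow-list can turn prompts into silent approvals) as an added example, not code from the thread or from Claude Code, Codex or Mistral Vibe. The rule syntax `tool:glob`, the `DESTRUCTIVE` command set and the `/tmp/agent-proj` working directory are assumptions for illustration. The point it makes concrete is that an allow rule like `bash *` or `python *` is a blank check, so the gate refuses to honour such rules and never auto-approves a destructive command, even one hidden behind `sh -c`.

```python
import fnmatch
import re
import shlex
from pathlib import Path

# Decisions the gate can return for a proposed tool call.
ALLOW, PROMPT, DENY = "allow", "prompt", "deny"

# Commands that are never auto-approved, even when an allow rule matches (assumed list).
DESTRUCTIVE = {"rm", "rmdir", "shred", "dd", "mkfs"}

# An allow rule is "tool:glob"; the glob matches the path (read/write) or the
# full command line (bash). A bare "*" argument grants every invocation.
_BLANK = re.compile(r"^(?:\*|\S+\s+\*)$")  # "*", "bash *", "python *", "rm *"


def is_blank_check(rule: str) -> bool:
    """True when the rule's glob is a blank check such as 'bash:bash *'."""
    _, _, glob = rule.partition(":")
    return bool(_BLANK.match(glob.strip()))


def audit_allow_list(allow):
    """Return the rules that turn the gate into a rubber stamp."""
    return [r for r in allow if is_blank_check(r)]


def path_in_scope(path: str, cwd: str) -> bool:
    """Resolve '..' and symlinks before comparing, so 'src/../../etc/passwd'
    and an absolute path are both treated as outside the working directory."""
    root = Path(cwd).resolve()
    target = (root / path).resolve()
    return target == root or root in target.parents


def effective_argv(cmdline: str):
    """Unwrap 'sh -c ...' / 'bash -c ...' so the command actually run is inspected."""
    argv = shlex.split(cmdline)
    while len(argv) >= 3 and argv[0] in ("sh", "bash") and argv[1] == "-c":
        argv = shlex.split(argv[2])
    return argv


def _allowed(tool: str, subject: str, allow) -> bool:
    """Match subject against the non-blank rules for this tool; blank checks are ignored."""
    for rule in allow:
        rtool, _, glob = rule.partition(":")
        if rtool == tool and not is_blank_check(rule) and fnmatch.fnmatch(subject, glob):
            return True
    return False


def gate(tool: str, arg: str, cwd: str, allow=()) -> str:
    """Decide whether a proposed tool call runs silently, prompts the user, or is refused.
    tool is 'read', 'write' or 'bash'; arg is the path or the command line."""
    if tool == "read":
        return ALLOW if path_in_scope(arg, cwd) else PROMPT
    if tool == "write":
        if not path_in_scope(arg, cwd):
            return DENY  # never let the agent write outside the project
        return ALLOW if _allowed("write", arg, allow) else PROMPT
    if tool == "bash":
        argv = effective_argv(arg)
        if not argv:
            return DENY
        if argv[0] in DESTRUCTIVE:
            return PROMPT  # a human always sees rm/dd/mkfs, whatever the allow-list says
        return ALLOW if _allowed("bash", arg, allow) else PROMPT
    return DENY  # unknown tool


if __name__ == "__main__":
    # Constructed sample: a tempting allow-list and a few proposed tool calls.
    cwd = "/tmp/agent-proj"
    allow = ["bash:npm test*", "bash:python *", "write:src/*"]
    print("blank checks:", audit_allow_list(allow))
    for call in [("read", "README.md"), ("read", "../.env"),
                 ("write", "src/app.py"), ("write", "../../etc/cron.d/job"),
                 ("bash", "npm test"), ("bash", "python scripts/gen.py"),
                 ("bash", "sh -c 'rm -rf /'")]:
        print(call, "->", gate(*call, cwd, allow))
```

The design choice worth noting is that a blank-check rule is not merely flagged but ignored: `python scripts/gen.py` still prompts even though `bash:python *` is in the list, and `sh -c 'rm -rf /'` prompts because the wrapper is unwrapped before the destructive check. Whether the user then reads the prompt before hitting yes is, as the comment says, not something the framework can fix.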

this post was submitted on 30 May 2026

Fuck AI