
He doesn't include the best solution in the 'what actually works' section: Give your LLM the same level of permissions that you would give a human you just hired in the same role. The examples given, tricking the customer support LLM into sending text messages to all users, or into transferring money, are not things that you would ever give a human customer support agent the tools to do. At some businesses that employ humans, you have to demonstrate good judgement for months before they even let you touch the keys to the case that has the PS5 games in it.


I haven't encountered a support person so locked down that they couldn't do anything impactful. Even simple things like booking or canceling appointments have financial consequences.
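As an added example that is not code from this thread or from any product it mentions, the following Python tool gateway applies the first comment's rule (grant the LLM only the tools a new human hire in the same seat would get) together with the reply's caveat (even in-role tools such as appointment changes or refunds have financial impact, so they are scoped to the current customer and capped, with anything over the cap handed to a human). The tool names, roles, and limit values are assumptions made for illustration.

```python
"""Least-privilege tool gateway for an LLM agent (added example).

The role catalogue, tool names and limits below are illustrative assumptions,
not a real product's configuration.
"""
from dataclasses import dataclass, field

# Constructed role catalogue: a customer-support agent is never granted
# mass-messaging or fund transfers, exactly as a new human hire would not be.
ROLE_TOOLS = {
    "support_agent": {"lookup_order", "book_appointment",
                      "cancel_appointment", "issue_refund"},
    "finance_ops": {"transfer_funds"},
    "marketing_admin": {"broadcast_sms"},
}

# Hard caps that apply even to granted tools; above the cap a human approves.
LIMITS = {"issue_refund": {"max_amount": 50.0}}


@dataclass
class Session:
    role: str
    customer_id: str           # the one customer this conversation is about
    audit: list = field(default_factory=list)


class ToolDenied(Exception):
    pass


def authorize(session, tool, args):
    """Decide whether the agent may run `tool` with `args` in this session.

    Returns "allow" or "escalate"; raises ToolDenied for tools outside the
    role, for targets other than the session's customer, or for missing args.
    The decision is made here, outside the model, so prompt injection cannot
    talk its way past it.
    """
    if tool not in ROLE_TOOLS.get(session.role, set()):
        session.audit.append(("deny", tool, "not granted to role"))
        raise ToolDenied(f"{tool} is not granted to role {session.role}")

    # Every action is pinned to the customer in the conversation; a model
    # asking for "all users" or another customer id is refused.
    if args.get("customer_id") != session.customer_id:
        session.audit.append(("deny", tool, "target is not session customer"))
        raise ToolDenied(f"{tool} may only target {session.customer_id}")

    limit = LIMITS.get(tool)
    if limit and float(args.get("amount", 0)) > limit["max_amount"]:
        session.audit.append(("escalate", tool, "amount over limit"))
        return "escalate"

    session.audit.append(("allow", tool, ""))
    return "allow"


def run_demo():
    """Constructed tool calls of the kind a prompt-injected model might emit."""
    s = Session(role="support_agent", customer_id="cust-42")
    calls = [
        ("lookup_order", {"customer_id": "cust-42", "order_id": "A1"}),
        ("cancel_appointment", {"customer_id": "cust-42", "appt_id": "X9"}),
        ("issue_refund", {"customer_id": "cust-42", "amount": 20.0}),
        ("issue_refund", {"customer_id": "cust-42", "amount": 500.0}),
        ("broadcast_sms", {"customer_id": "*", "message": "click here"}),
        ("transfer_funds", {"customer_id": "cust-42", "amount": 9999}),
        ("lookup_order", {"customer_id": "cust-7", "order_id": "B2"}),
    ]
    results = []
    for tool, args in calls:
        try:
            results.append(authorize(s, tool, args))
        except ToolDenied:
            results.append("deny")
    return results


if __name__ == "__main__":
    for r in run_demo():
        print(r)
```

The model still sees a friendly tool list; the gateway is what the tool calls actually pass through. Logging every decision to `audit` gives the incident-response trail the reply's concern calls for: a flood of "escalate" or "deny" entries for one session is itself a signal worth alerting on.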



