Supply chain attacks will still work. Most people aren’t going to have a custom Node, a custom CPython, or all custom libraries. One can fuzz software without the source for common classes of vulnerabilities. With the same handful of models writing a bunch of that bespoke software, new horizons open up. Maybe GPT tends to insert the same bug over and over, while Claude inserts another.
Maybe, in fact, some group somewhere combines supply chain attacks with models and/or agents. A model or agent that’s compromised upstream and becomes designed to insert a backdoor is not beyond possibility.