Hacker News

Isn’t this a good case for LLMs? Audit at compile time all of the dependencies?


Please no, see

> Using CVE reports as a weapon

https://www.youtube.com/watch?v=GDdlRiThDeg


Oh you took it further, let the LLM take the wheel. I was just referring to the LLM raising a red flag during compilation. So worst case scenario it will just raise a false positive.



