You could (should?) run it on a test server/VPS before committing anything to production. I have a little VPS set up just for this purpose. Spin something up on it and observe.
Comment on A dummy's request for Nepenthes
ShortN0te@lemmy.ml 6 days agoBut still, how would verify if the config is good or not? For example if it exposes root?
irmadlad@lemmy.world 5 days ago
ShortN0te@lemmy.ml 5 days ago
You are still talking about someone that is not able to create the config themself, but that someone should be able to test everything?
theunknownmuncher@lemmy.world 6 days ago
Yeah I’m not saying its perfect and LLMs are non-deterministic so it could give you some crap. How do you verify some random stranger from the internet wasn’t an asshole and gave you malicious config? 🤷 The best answer is probably just that OP should heed the warning on the website the linked, if they have no confidence or relevant skills:
ShortN0te@lemmy.ml 5 days ago
There is no guarantee either, but on a public forum at least a couple of eyes look at it too. Not saying that this makes it trust worthy. But a LLM usually words it output very direct and saying “this is the absolut truth” which can lead to a much higher trust relation then a stranger on a forum that writes “maybe try this”.
I generelly would not recommend using the llm for potential security related questions (or important or professionally questions) were your own knowledge is not big enough to quickly vet the output.