Tagged
1 post
The LiteLLM scanner attacked the gateway. These two garak probes attack the layer above it — getting the model itself to hand you a shell command or a Mongo operator, on the bet that something downstream will run it. Here's how the probes work, and why the detectors are the hard part.