Putting aside the "LLM" part, it seems very similar to the situation where we don't just "exec" stuff from inside code that takes user input, because you're opening up a can of security worms.
Putting aside the "LLM" part, it seems very similar to the situation where we don't just "exec" stuff from inside code that takes user input, because you're opening up a can of security worms.