Fair enough makes sense to not have trust!
We like to believe we're pretty trustworthy, and do our best to make everything secure.
Fair enough makes sense to not have trust!
We like to believe we're pretty trustworthy, and do our best to make everything secure.
i actually really like your product for what it's worth. don't listen to the haters. hackers build things.
i just won't use it, and nobody should, unless they can understand exactly how it works and reason for themselves about the risks they are taking. you clearly work hard and care deeply about what you are building, and it will be very useful. but it has the potential to cause widespread harm, no matter how trustworthy you are, how much you care about it, or what your intentions are.
with respect to user security and privacy, doing your best is not much better than yolo security. the minimum standard should be to research the threat landscape, study the state of the art in methods to mitigate those threats, implement them, and test them thoroughly, yourselves and through vendors. iterate through that process continuously, alongside your development. it will never end. or, you can open source it and the internet does this for you for free. build something people love, grow traction, convert that to money. THEN figure out how to make money from them.. not the other way around. or, more likely, some combination of all of the above.
someone else linked you to simon wilson's lethal trifecta page, i would absolutely start there, and read everything linked as well. pangea and spectreops both do good work in the llm pentesting space, i'm sure there are more.