Trust: 70
Verified
Web Verified
Alice Averlong 🏳️‍⚧️ on Mastodon, 2d ago
It's amazing how fast attitudes to security in the industry have changed. Like, I remember in 2023ish spending a while working on a system to securely trigger remote builds, because we couldn't have our Slack chatbots on the same network as our Jenkins server
And in 2026 they just give a 3rd party LLM write access to both + the git repo
Trust Metrics
Accuracy: 72%
Framing: 75%
Context: 55%
Tone: 78%
Analysis Summary
A security researcher is noting that organizations have rapidly shifted from strict network segmentation practices in 2023 to granting third-party LLMs direct write access to critical infrastructure like git repos by 2026. Recent supply chain attacks including the CVE-2026-3854 GitHub RCE vulnerability and Checkmarx breach confirm that LLM-enabled access to repositories has created real exploitable risks in 2026, validating the underlying concern. The post doesn't specify which organizations or LLMs are doing this, so the claim remains observational rather than citing a specific incident.
Claims Analysis (2)
“In 2023 there was industry concern about network segmentation for secure build systems (keeping Slack chatbots off Jenkins servers)”
Author describes their personal experience; reflects real security practice of that era.
“By 2026, organizations are giving third-party LLMs write access to both critical infrastructure and git repositories”
Recent CVEs (CVE-2026-3854, Checkmarx incident) confirm LLM-related supply chain attacks and git repo compromises occurred in 2026.