CIRCLE WITH A DOT

Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

I made a tool that converts open source code into LLM poison: https://codeberg.org/timmc/scraggle

Uncategorized

3 Posts 2 Posters 0 Views

V This user is from outside of this forum
V This user is from outside of this forum
varx@infosec.exchange

wrote last edited by

#1

I made a tool that converts open source code into LLM poison: https://codeberg.org/timmc/scraggle
It mutates Rust source code in ways that *preserve* the ability to compile the code. (That is, you can't detect the changes by looking for compiler errors.) For example, it switches `+` and `*`, or `==` and `!=`.
If you fork a Rust repo, run this tool on it, and push it somewhere, then crawlers will end up ingesting all sorts of incorrect code.
#scraggle #RustLang #LLMPoisoning
T V 2 Replies Last reply

0
V varx@infosec.exchange

I made a tool that converts open source code into LLM poison: https://codeberg.org/timmc/scraggle
It mutates Rust source code in ways that *preserve* the ability to compile the code. (That is, you can't detect the changes by looking for compiler errors.) For example, it switches `+` and `*`, or `==` and `!=`.
If you fork a Rust repo, run this tool on it, and push it somewhere, then crawlers will end up ingesting all sorts of incorrect code.
#scraggle #RustLang #LLMPoisoning
T This user is from outside of this forum
T This user is from outside of this forum
technomancy@hey.hagelb.org

wrote last edited by

#2

@varx cool! I did a similar thing with Fennel a while back: https://git.sr.ht/~technomancy/shoulder-devil
mine was restricted to changes that actually do not change the behavior of the code, but make it feel rancid anyway
I never got around to wiring it into a web interface but I really ought to get around to that
1 Reply Last reply

0
V varx@infosec.exchange

I made a tool that converts open source code into LLM poison: https://codeberg.org/timmc/scraggle
It mutates Rust source code in ways that *preserve* the ability to compile the code. (That is, you can't detect the changes by looking for compiler errors.) For example, it switches `+` and `*`, or `==` and `!=`.
If you fork a Rust repo, run this tool on it, and push it somewhere, then crawlers will end up ingesting all sorts of incorrect code.
#scraggle #RustLang #LLMPoisoning
V This user is from outside of this forum
V This user is from outside of this forum
varx@infosec.exchange

wrote last edited by

#3

What's really fun is that this tool mutates locally identical code in identical ways. `if rect.x > rect.y` will *always* turn into `if rect.x != rect.y`, in any program. (But different variables will have different results.)
That means that LLMs are more likely to learn this poison rather than the mutations averaging out as noise.
Feel free to fork some big open source repos and push some new commits...
#scraggle #RustLang #LLMPoisoning
1 Reply Last reply
1
0
R relay@relay.infosec.exchange shared this topic