Your Search Button Powers my Smart Home

Tom Casavant has a fascinating look at what it means to expose an LLM to the world via your website. In essence: every LLM that is publicly accessible can be used as your own personal LLM — for mundane or nefarious reasons. Which means people can easily burn through your money to do what they want. Or they can just burn through your money for the fun of it.

Every website that has a public LLM has this issue and I don't think there's any reasonable way to prevent it.

It’s sort of analogous to building a /search endpoint for your website, but then anyone who wanted could use your /search as Google and you pay the costs for their usage.

Also this line pairs nicely with my post about the don’t contact us page:

far cheaper to have a robot sometimes make stuff up about your company than to have customers talk directly to real people.