Find bugs in YOUR code using OpenCode, Llama.cpp and Qwen3.6
The article discusses the use of OpenCode and LLMs for coding tasks, highlighting the advantages of using a coding agent. It emphasizes the security risks associated with granting LLMs access to a computer's filesystem. The author warns that there is no technical sandboxing in place, making it crucial to run LLM agents under a dedicated account.
- ▪OpenCode allows LLMs to plan tasks and inspect files without reading them entirely.
- ▪Granting LLMs full access to a computer can be dangerous due to potential data exposure.
- ▪There is no technical sandbox for LLMs, only a policy layer that reviews commands before execution.
Opening excerpt (first ~120 words) tap to expand
BackgroundFor quite some time I had been submitting tasks to LLMs via llama-cli (natively) or llama-server (API), both from the excellent llama.cpp project. On CPU-only llama-cli starts fast and can restart from a checkpoint which has already parsed all instructions, making it reasonably fast for repetitive tasks such as classifying patches to be backported. However, with my AMD MI50 GPUs, the program takes around 6s to start, it seems to be building the GPU kernels and uploading them before doing anything, thus it becomes a pain to use and makes llama-server much more compelling, because it's started once, and requests are sent in JSON using Curl with a low latency. Another benefit is that the tool is also accessible from multiple machines inside my network (e.g.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at Blogspot.