Josh Grossman

Results 687 comments of Josh Grossman

> I would also add a requirement around natural language validation is fairly essential. I see folks using a smaller AI engine (with no user data) to do natural language...

I have made this non-blocking. Jim has [PR'd](https://github.com/OWASP/ASVS/pull/1976) in some content and @ImanSharaf it would be great to get some extra content from you as well.

> @tghosth Should we talk about this package [hallucination](https://vulcan.io/blog/ai-hallucinations-package-risk/) attack in the appendix too? Maybe in output filtering?
>
> Also, what do you think about this check `Ensure that any...

@jmanico sure go for it, which section in the appendix?

> W.2 Output Filtering for now. I may move this to an AI Code Generation section later! PR Submitted! Merged!

Great point @mgargiullo! I opened #2149 and I think we will close this issue after that.

I think this appendix is slightly outside the standard ASVS scope but we are attempting to go above and beyond in any case. How about: "_In this appendix, ASVS version...

How about: "_In this appendix, ASVS version 5.0 goes beyond simply defining best practices for Cryptography but rather aims to enhance understanding of cryptography principles and encourage the adoption of...

So if I was to summarize what I understood here, the question is something along the lines of: "Are there niche cases where encoding would happen before data is stored."...

> How do you define “cache”, “stored”, “storage” and “double encoding”? What exactly is covered under each of these terms in ASVS context? Double encoding simply means doing an encoding...