
I'm pretty comfortable with the agent scaffolding just restricting directory access but I can see places it might not be enough...

If you were being really paranoid, then I guess they could write a script in the local directory that then runs and accesses other parts of the filesystem.

I've not seen any evidence an agent would just do that randomly (though I suppose they are nondeterministic). In principle maybe a malicious or unlucky prompt found somewhere in the permitted directory could trigger it?
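To make the gap in the comment concrete, here is an added example (not code from the thread or from any particular agent framework) of the kind of scaffold-level directory guard being discussed. The `ToolPolicy` class and the sandbox directory names are assumptions; it shows what such a check can enforce (paths, including `..` and symlink escapes) and what it cannot (what a spawned script does), which is why the only policy it can apply to execution is to refuse it unless the OS confines the process.

```python
import os
import subprocess
import tempfile


class ToolPolicy:
    """Hypothetical app-level guard: file tools are confined to one root
    directory. It checks paths, not the behaviour of spawned processes."""

    def __init__(self, root: str, allow_exec: bool = False):
        self.root = os.path.realpath(root)
        self.allow_exec = allow_exec

    def resolve(self, requested: str) -> str:
        """Return the real path if it stays under root, else raise.
        realpath() collapses '..' and follows symlinks, so a link inside
        the root that points outside is rejected as well."""
        candidate = os.path.realpath(os.path.join(self.root, requested))
        if candidate != self.root and not candidate.startswith(self.root + os.sep):
            raise PermissionError(f"{requested!r} escapes {self.root}")
        return candidate

    def read(self, requested: str) -> str:
        with open(self.resolve(requested)) as f:
            return f.read()

    def write(self, requested: str, data: str) -> None:
        with open(self.resolve(requested), "w") as f:
            f.write(data)

    def run(self, argv):
        """A path check says nothing about what a child process touches.
        Unless the process is confined by the OS (container, seccomp,
        separate user), this layer can only refuse execution outright."""
        if not self.allow_exec:
            raise PermissionError("command execution disabled by policy")
        return subprocess.run(argv, cwd=self.root, capture_output=True, text=True)


def demo() -> dict:
    """Constructed scenario: a root with one file, a '..' path, a symlink
    pointing outside the root, and an execution request."""
    results = {}
    with tempfile.TemporaryDirectory() as root, tempfile.TemporaryDirectory() as outside:
        policy = ToolPolicy(root)  # allow_exec defaults to False
        policy.write("notes.txt", "inside")
        results["inside"] = policy.read("notes.txt")
        os.symlink(outside, os.path.join(root, "link"))
        probes = {"dotdot": "../secret", "symlink": "link/secret"}
        for name, req in probes.items():
            try:
                policy.resolve(req)
                results[name] = "allowed"
            except PermissionError:
                results[name] = "denied"
        try:
            policy.run(["sh", "-c", "true"])
            results["exec"] = "allowed"
        except PermissionError:
            results["exec"] = "denied"
    return results
```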
