phrotoma 9 hours ago

Perhaps I'm off base here but it seems like the goal is: 1. allow an agent to run wild in some kind of isolated environment, giving the "tight loop" coding agent experience so you don't have to approve everything it does. 2. let it execute the code it's creating using some credentials to access an API or a server or whatever, without allowing it to exfil those creds. If 1 is working correctly I don't see how 2 could be possible. Maybe there's some fancy homomorphic encryption / TEE magic to achieve this but like ... if the process under development has access to the creds, and the agent has unfettered access to the development environment, it is not obvious to me how both of these goals could be met simultaneously. Very interested in being wrong about this. Please correct me!
0o_MrPatrick_o0 30 minutes ago (reply to phrotoma)

You've got my intent correct! Where I'm at with #2 is the agent builds a prototype with its own private session credentials. I have orchestration created that can replicate the prototyping session. From there I can keep final build keys secret from the agent. My build loop is meant to build an experiment first, and then an enduring build based on what it figures out.
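The pattern the reply above describes, as an added example that is not code from either commenter or from any project they mention: the agent works inside a sandbox against a throwaway session key, every call it makes is recorded against a placeholder, and an orchestrator outside the sandbox replays the recorded session with the real key, which never enters the agent's environment. The `FakeApi` stand-in, the `${API_KEY}` placeholder convention, and all key values are constructed for this example.

```python
import json
import secrets
from dataclasses import dataclass, asdict

# Marker the agent is allowed to see and code against; it is substituted
# with the real credential only at replay time, outside the sandbox.
CRED_PLACEHOLDER = "${API_KEY}"


@dataclass
class Step:
    method: str
    path: str
    headers: dict
    body: str = ""


class FakeApi:
    """Constructed stand-in for the real service: it accepts exactly one bearer key.
    A sandbox instance accepts the throwaway key; a 'production' instance accepts the real one."""

    def __init__(self, accepted_key):
        self.accepted_key = accepted_key
        self.log = []

    def handle(self, step: Step, key: str):
        if key != self.accepted_key:
            return {"status": 401}
        self.log.append((step.method, step.path))
        return {"status": 200, "path": step.path}


class SandboxRecorder:
    """Lives inside the agent's environment. It holds only the throwaway session key
    and a transcript of what the agent did, written against the placeholder."""

    def __init__(self, session_key, sandbox_api):
        self._session_key = session_key
        self._api = sandbox_api
        self.transcript = []

    def call(self, method, path, body=""):
        step = Step(method, path, {"Authorization": f"Bearer {CRED_PLACEHOLDER}"}, body)
        self.transcript.append(step)
        # The sandbox key only works against the sandbox stub.
        return self._api.handle(step, self._session_key)

    def export(self):
        return json.dumps([asdict(s) for s in self.transcript])


class Orchestrator:
    """Runs outside the sandbox; the only component that ever sees the real key."""

    def __init__(self, real_key, prod_api):
        self._real_key = real_key
        self._api = prod_api

    def validate(self, transcript_json):
        """Return the steps that do not use the placeholder; those are never replayed,
        so a token the agent hard-coded (or smuggled in) cannot reach the real API."""
        steps = [Step(**d) for d in json.loads(transcript_json)]
        expected = f"Bearer {CRED_PLACEHOLDER}"
        return [f"{s.method} {s.path}" for s in steps
                if s.headers.get("Authorization") != expected]

    def replay(self, transcript_json):
        bad = self.validate(transcript_json)
        if bad:
            raise ValueError(f"steps without placeholder credential: {bad}")
        steps = [Step(**d) for d in json.loads(transcript_json)]
        # The real key is injected here and only here.
        return [self._api.handle(s, self._real_key) for s in steps]


def transcript_leaks(transcript_json, real_key):
    """Detection check: the real key must never appear in anything that left the sandbox."""
    return real_key in transcript_json


def demo():
    session_key = "sandbox-" + secrets.token_hex(4)   # throwaway, constructed
    real_key = "prod-" + secrets.token_hex(8)          # never enters the sandbox
    sandbox = SandboxRecorder(session_key, FakeApi(session_key))
    sandbox.call("GET", "/v1/items")
    sandbox.call("POST", "/v1/items", body='{"name": "widget"}')
    transcript = sandbox.export()
    if transcript_leaks(transcript, real_key):
        raise RuntimeError("real key found in sandbox transcript")
    orchestrator = Orchestrator(real_key, FakeApi(real_key))
    return [r["status"] for r in orchestrator.replay(transcript)]


if __name__ == "__main__":
    print(demo())
```

The design choice worth noting is that the orchestrator refuses to replay any step whose credential is not the placeholder, so the agent gains nothing by hard-coding a guessed or leaked value: the real key is bound to the replay side, and the sandbox key is useless against anything but the sandbox stub.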