ramoz 3 hours ago
You're extending the definition of a sandbox
NitpickLawyer 3 hours ago
No, that's more capabilities than sandboxing. You want fine-grained capabilities such that for every "thread" the model gets access to the minimum required access to do something. The problem is that it seems (at least for now) a very hard problem, even for very constrained workflows. It seems even harder for "open-ended" / dynamic workflows. This gets more complicated the more you think about it, and there's a very small (maybe 0 in some cases) intersection of "things it can do safely" and "things I need it to do".
spankalee 3 hours ago
Not really. One version of this might look like implementing agents and tools in WASM and running generated code in WASM, and gluing together many restricted fine-grained WASM components in a way that's safe but allows for high-level work. WASM provides the sandboxing, and you have a lot of sandboxes.