| ▲ | nnevatie 4 hours ago | |
That's it basically. I do not think running the tool in a container really solves the fundamental danger these tools pose to your personal data. | ||
| ▲ | zozbot234 3 hours ago | parent [-] | |
You could run them in a container and put access to highly sensitive personal data behind a "function" that requires a human-in-the-loop for every subsequent interaction. E.g. the access might happen in a "subagent" whose context gets wiped out afterwards, except for a sanitized response that the human can verify. There might be similar safeguards for posting to external services, which might require direct confirmation or be performed by fresh subagents with sanitized, human-checked prompts and contexts. | ||