andai 6 hours ago
Was building a claw clone the other day when for debugging I added a bash shell. So I type arbitrary text into a Telegram bot and then it runs it as bash commands on my laptop. Naturally I was horrified by what I had created. But suddenly I realized, wait a minute... strictly this is less bad than what I had before, which is the same thing except piped through an LLM! Funny how that works, subjectively... (I have it, and all coding agents, running as my "agent" user, which can't touch my files. But I appear to be in the minority, especially on the Discord, where it's popular to run it as the main admin user on Windows.) As for what could go wrong, that is an interesting question. RCE aside, the agentic thing is its own weird security situation. Like people will run it sandboxed in Docker, but then hook it up to all their cloud accounts. Or let it remote control their browser for hours unattended...