| ▲ | medi8r 5 hours ago | |
Also agents cannot trust any data whatsoever they add to their context. This puts reading email for example as a risk. Probably not impossible to create a worm that convinces a claw to forward it to every email address in that inbox. And then exfiltrate all the emails. Then do a bunch of password resets. Then get root access to your claw. But not just email. Github issues, wikipedia, HN etc. may be poisoned. See https://simonw.substack.com/p/the-lethal-trifecta-for-ai-age... but there may be more trifectas than that in a claw driven future. | ||