If you're not sandboxing your agent, everything on your computer is waiting to be exposed.

Assuming that file permissions will save you is naively dangerous.

It seems insane to me that so many people are OK with this. Why is it necessary for an agent to upload every bit of data it sees to OpenAI at all? Particularly if my agents can’t remember anything beyond a single session, why should the data exist permanently anywhere but in its original location?

	▲	jstanley an hour ago \| parent [-]
		> Why is it necessary for an agent to upload every bit of data it sees to OpenAI at all? The LLM is running at OpenAI. The agent doesn't see anything that doesn't get sent to OpenAI. It's like running a compiler in the cloud and asking why you need to send your source code to it when you only want the binary to be on your local PC. It's because that's where the processing is going on and it can't process what it can't see. > why should the data exist permanently anywhere but in its original location? Sure, they don't necessarily have to retain it permanently.