| ▲ | jagged-chisel 4 hours ago | ||||||||||||||||
Ok, so help me get this right: I ask the LLM for something, it generates prompts for sub-agents and sends them back to my client for it to call the sub-agents. Now, those sub-agent prompts are encrypted messages that the sub-agents will decrypt (by hitting a backend) to do their work. Might as well just stuff the prompts in a database and only hand back the primary key to the client to hand off to the sub-agents. Keeps the same “data security” without the overhead of encryption (especially since encryption and decryption are happening in the same domain) | |||||||||||||||||
| ▲ | watusername 4 hours ago | parent | next [-] | ||||||||||||||||
> sub-agents will decrypt (by hitting a backend) to do their work Your local harness never decrypts the prompt, and only the OpenAI backend does. Your harness still sees tool calls in the transcript so it can act, but you lose (some) visibility as to why the subagent chooses to do so. Imagine seeing this transcript during forensics: [encrypted blob][thinking summary: I need to drop the prod database][shell: psql "drop database users"] | |||||||||||||||||
| |||||||||||||||||
| ▲ | vbs_redlof 4 hours ago | parent | prev [-] | ||||||||||||||||
I imagine main agent tells subagent something along the lines of: use this tool on this local data with these instructions in ciphertext. Otherwise yeah, encryption would be redundant. | |||||||||||||||||