Comment by reallymental

2 years ago

Neat idea, I was wondering if this would change if you've got some plugins installed, and it does! If this is not a "hallucination", this is a valid repeatable experiment.

I've loaded the "Polygon.io" plugin, and it spat out the entire JS behind the plugin.

Here's the pastebin for this, as the text was too long. https://pastebin.com/4bWGNmXs

1 comment

reallymental

Reply
pedrovhb  2 years ago

That's not really the entire js of the plugin, but its schema; it's generated from the OpenAPI spec which you have to provide when writing actions/plugins. When I was looking through the requests for the available plugins the spec URL was visible and necessarily publicly accessible. I haven't checked for Actions with the new "GPTs" thing but I'd imagine it still is.