Comment by bspammer

1 day ago

I don’t really understand the point of sandboxing if you’re going to give it access to all your accounts (which it needs to do anything useful). It reminds me of https://xkcd.com/1200/

Because you don't give it access to all your accounts, you choose what. And files on your PC may be private and you don't want to risk exposing them.

A use case may be, for example, giving it access to your side project support email address, a test account on your site and web access.

Yeah I have been planning to give it its own accounts on my self hosted services.

I think the big challenge here is that I'd like my agent to be able to read my emails, but... Most of my accounts have Auth fallbacks via email :/

So really what I want is some sort of galaxy brained proxy where it can ask me for access to certain subsets of my inbox. No idea how to set that up though.

  • > So really what I want is some sort of galaxy brained proxy where it can ask me for access to certain subsets of my inbox. No idea how to set that up though.

    Thought of the same idea. You could run a proxy that IMAP downloads the emails and then filters and acts as IMAP server. SMTP could be done the same limited to certain email addresses. You could run an independent AI harmful detector just in case.

    • Yeah I think for SMTP it's easy since it's perfectly scalable to do manual approval for each mail.

      But not really sure how to set up safe search. One idea I had was to say "nobody would ever put a secret in the subject line, right..?". Then you could let the agent read all the headers and just have it ask permission to see the body.

      That's still not entirely safe since if you can search the body you can eventually infer the presence of arbitrary strings. But I think you could probably mitigate that risk by just setting up alerts for if the agent starts spamming loads of searches?
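
The policy discussed in this thread (headers visible, body only after owner approval, an alert when searches pile up), sketched as an added example that is not part of any comment above. `MailGate`, the `approve` callback, the thresholds and the inbox are hypothetical and constructed; search here matches headers only, so body contents cannot be inferred through it.

```python
import time
from collections import deque
from email import message_from_string

# Constructed sample inbox (not real mail).
RAW_INBOX = {
    1: "From: support@example.org\nTo: me@example.org\nSubject: Ticket 42 reply\n\nCustomer asks about refunds.",
    2: "From: no-reply@bank.example\nTo: me@example.org\nSubject: Your sign-in code\n\nYour code is 918273.",
}

class MailGate:
    """Hypothetical policy layer a filtering IMAP proxy would put in front of the agent."""
    EXPOSED_HEADERS = ("From", "To", "Date", "Subject")

    def __init__(self, raw_inbox, approve, max_searches=5, window_s=60, clock=time.monotonic):
        self.msgs = {uid: message_from_string(raw) for uid, raw in raw_inbox.items()}
        self.approve = approve      # callback: the owner decides per message
        self.max_searches, self.window_s, self.clock = max_searches, window_s, clock
        self.recent = deque()       # timestamps of searches inside the window
        self.alerts = []            # (time, term) pairs to surface to the owner

    def headers(self, uid):
        m = self.msgs[uid]
        return {h: m[h] for h in self.EXPOSED_HEADERS if m[h] is not None}

    def body(self, uid):
        # The approver sees only the headers, never the body being requested.
        if not self.approve(uid, self.headers(uid)):
            raise PermissionError(f"body of message {uid} not approved")
        return self.msgs[uid].get_payload()

    def search(self, term):
        now = self.clock()
        self.recent.append(now)
        while self.recent and now - self.recent[0] > self.window_s:
            self.recent.popleft()
        if len(self.recent) > self.max_searches:
            # A burst of searches is the signal the thread suggests alerting on.
            self.alerts.append((now, term))
            raise PermissionError("search rate exceeded; owner alerted")
        t = term.lower()
        # Match exposed headers only; bodies are never part of the search index.
        return [uid for uid, m in self.msgs.items()
                if any(t in (m[h] or "").lower() for h in self.EXPOSED_HEADERS)]
```
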