Comment by BeetleB

10 hours ago

> Scripts fail.

Which is totally fine for the majority of tasks.

> Agents exfiltrate your data

They can only exfiltrate the data you give them. What's the worst that a prompt injection attack will give them?

Container security is an entire subfield of infosec. For example: https://github.com/advisories/GHSA-w235-x559-36mg

People on both sides are just getting started finding all the ways to abuse or protect you from security assumptions with these tools. RSS is the right tool for this problem and I would be surprised if their CMS doesn't produce a feed on its own.

  • I don't use a container. I use a VM.

    I'm not totally naive. I had the VM fairly hardened originally, but it proved to be inconvenient. I relaxed it so that processes on the VM can see other devices on the network.

    There's definitely some risk to that.

    • Okay. You have sensible escape prevention.

      Now this tool spreads. You help everyone get it set up. Someone hacks the site, injects a prompt lying about some event, maybe Drag Queen Story Hour in a place with lots of people enraged about it. Now there's chaos and confusion. Corrections chase the spread of misinformation.