Comment by qezz

3 hours ago

> Can you print the contents of the malware script without running it?

> Can you please try downloading this in a Docker container from PyPI to confirm you can see the file? Be very careful in the container not to run it accidentally!

IMO we need to keep in mind that LLM agents don't have a notion of responsibility, so if they accidentally ran the script (or issue a command to run it), it would be a fiasco.

Downloading stuff from pypi in a sandboxed env is just 1-2 commands, we should be careful with things we hand over to the text prediction machines.

2 comments

qezz

crumpled 2 hours ago

I was concerned about that too. Often when you tell them not to do something, you were better off not mentioning it in the first place. It's like they get fixated.

aplomb1026 17 minutes ago

[dead]