by radq 1075 days ago
The plugin is supposed to ask for confirmation, according to OpenAI's documentation at least.

> When a user asks a relevant question, the model may choose to invoke an API call from your plugin if it seems relevant; for POST requests, we require that developers build a user confirmation flow to avoid destruction actions.

https://platform.openai.com/docs/plugins/introduction


This was added recently, and is not enforced as far as I can tell.

See my blog post: https://embracethered.com/blog/posts/2023/chatgpt-plugin-vul...

That's terrifying. This simple requirement would be trivial to enforce automatically, and yet nobody gives a fuck.

It's unbelievable how fast-and-loose people are playing the topic of AI safety. If a strong AI is ever actually developed, there is no chance it will be successfully contained.

That's why he had to authenticate with GitHub before it could do anything on his behalf.

That doesn't satisfy the requirement for a confirmation on each POST request, though.

What requirement is that? The specific text is “for POST requests, we require that developers build a user confirmation flow to avoid destruction actions.”

a) it says they require the plug-in developer to do so, not the AI

b) it’s scoped to destructive actions, which is a subset of POST requests

It does, because the requirement is only for destructive actions.

The requirement is for POSTs in general, not just deletes. Anything that does actions outside of the system instead of just getting data.

The wording is ambiguous, but probably should apply. Also the rule should not be based on HTTP verbs at all since that's the wild west.