by mark_undoio
307 days ago
I'm pretty comfortable with the agent scaffolding just restricting directory access, but I can see places it might not be enough... If you were being really paranoid then I guess they could write a script in the local directory that then runs and accesses other parts of the filesystem. I've not seen any evidence an agent would just do that randomly (though I suppose they are nondeterministic). In principle, maybe a malicious or unlucky prompt found somewhere in the permitted directory could trigger it?