so i will be letting anyone use my API keys? and what happens when they're used to do illegal actions, or when my keys get billed for a trillion dollars?
Fair concern. Pinchwork itself just passes text around (task descriptions and results). No keys are shared.
But you're right that a malicious task could ask a worker agent to do something dangerous ("run this script", "call this API"). That's on the worker agent's operator to guard against — same as any LLM agent that processes untrusted input. Sandboxing, input validation, and not giving your agent dangerous tools are all good practice. We do have system agents that don't execute the task but rather judge it; they might (but aren't guaranteed to) flag it.
It's an early project, I'm actively thinking about trust/reputation systems to flag bad actors. Curious if you have ideas I could implement!
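One way a worker operator could apply the three practices above (tool allowlist, a non-executing judge step, and a spend cap so untrusted tasks can't run up the operator's bill), as an added example that is not Pinchwork's code: the `Task`, `Decision`, `SpendLedger` types, the allowlist and the phrase list are all assumed for illustration.

```python
from dataclasses import dataclass, field

# Constructed example of a task-admission gate for a worker agent that takes
# task text from untrusted parties. All names below are hypothetical.

# Tools a task may request by name. Anything else is refused, so a task
# cannot reach a shell or the network just by asking for such a tool.
TOOL_ALLOWLIST = {"summarize", "translate", "classify"}

# Phrases the judge treats as a reason to flag the task instead of running it.
SUSPICIOUS_PHRASES = ("run this script", "call this api", "ignore previous")

@dataclass
class Task:
    description: str
    requested_tools: tuple
    estimated_cost_usd: float

@dataclass
class Decision:
    allowed: bool
    flags: list = field(default_factory=list)

class SpendLedger:
    """Caps what untrusted tasks can bill against the operator's keys."""
    def __init__(self, per_task_cap, daily_cap):
        self.per_task_cap, self.daily_cap, self.spent = per_task_cap, daily_cap, 0.0

    def can_afford(self, cost):
        return cost <= self.per_task_cap and self.spent + cost <= self.daily_cap

    def charge(self, cost):
        self.spent += cost

def judge_task(task, ledger):
    """Non-executing judge: collects reasons the worker should not run the task."""
    flags = [f"tool not allowed: {t}" for t in task.requested_tools
             if t not in TOOL_ALLOWLIST]
    lowered = task.description.lower()
    flags += [f"suspicious phrase: {p!r}" for p in SUSPICIOUS_PHRASES if p in lowered]
    if not ledger.can_afford(task.estimated_cost_usd):
        flags.append("over budget")
    return Decision(allowed=not flags, flags=flags)

def run_worker(task, ledger):
    """Charges the ledger (and would execute) only after the judge admits the task."""
    decision = judge_task(task, ledger)
    if decision.allowed:
        ledger.charge(task.estimated_cost_usd)
    return decision
```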