|
|
|
|
|
|
by postexitus
53 days ago
|
|
|
Impossible without a human in the loop. Having said that - even categorisation of destructive and non destructive calls is inherently not safe, unless you have very strict os level / VM like setup (everything read only, world access is through MCPs so it is not LLM deciding the destructive calls but the MCP etc. ) |
|
|