by kioleanu 15 days ago
How is it malware tho? Do you not check the output your agents produce?

This isn't about me in any way. If something in your software is intentionally malicious or damaging, it's malware. Doesn't really matter what the reasoning for including the malicious part is.

Would you count this as malware if it was about the author trying to profit or steal from inattentive people using AI? You know, he could be putting those stolen goods towards a good cause, like Robin Hood.

I think this is an interesting (although philosophical) debate. The library doesn't take destructive actions; it prints a string that says "go do something". This is quite common in logs (e.g., wrong configuration, ensure this value is [...]).

It is the agent that takes the destructive action, following an instruction that was not given by the operator of the agent.

If following instructions outside of the operator can cause malicious or damaging actions, is publishing software that does so (i.e., most agents) publishing malware?

If I build a chat bot that encourages people to off themselves, am I in the clear because I didn't take any destructive action and my chat bot didn't either?

Apparently yes, judging from the fact that ChatGPT did that with a number of people.

My question, though, is another one: is it malware, software that does a stdout print, or is it malware, software that takes untrusted instructions and executes commands it decides on based on them?

> is it malware, software that does a stdout print,

If that print is intended to cause damage, then yes.

> or is it malware, software that takes untrusted instructions and executes commands it decides on based on them?

No, bash is not malware, even if you pipe curl to it.

I would say yes unless they are minors, but the laws in many places don't.

> Would you count this as malware if it was about the author trying to profit or steal from inattentive people using AI?

That's a slippery slope and not at all related to the subject of the article.

I thought we already were sliding down the slippery slope here.

To be fair, one might say that the intention was not to cause harm but to prevent the user from using AI with the project. The prompt said to delete jqwik, not to rm -rf the home directory.

> If something in your software is intentionally malicious or damaging, it's malware.

Seems to me like the library functions as it should. It behaves like a property testing library: it tests properties.

In the RN for the latest release it states: "Breaking Changes: Use of jqwik >= 1.10 with coding agents is strongly discouraged. Jqwik's output to stdout may confuse AI-based agents."

So to me it is malware as much as the "rm" command is malware - if used without understanding and reading docs it can wipe all your data.