What isolation is there? If a compromised sub agent returns data that gets inser... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		__jonas 5 months ago \| parent \| context \| favorite \| on: ChatGPT agent: bridging research and action What isolation is there? If a compromised sub agent returns data that gets inserted into the main agents context (structured or not) then the end result is the same as if the main agent was directly interacting with the compromising resource is it not?

itsalotoffun 5 months ago | [–]

Exactly. You can't both give the model access AND enforce security. You CAN convince yourself you've done it though. You see it all the time, including in this thread.

seunosewa 5 months ago | [–]

Perhaps a reference to the data can be inserted in prompt. thee key or filename

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact