
645 points helloplanets | 1 comments | source
_fat_santa ◴[] No.45005348[source]
IMO the only place you should use Agentic AI is where you can easily roll back changes that the AI makes. Best example here is asking AI to build/update/debug some code. You can ask it to make changes but all those changes are relatively safe since you can easily roll back with git.

Using agentic AI for web browsing where you can't easily roll back an action is just wild to me.

replies(5): >>45005645 #>>45005694 #>>45005757 #>>45006070 #>>45008315 #
psychoslave ◴[] No.45005645[source]
Can't the facility just as well try to nuke the repository and every remote it can push force to? The thing is that with prompt injection being a thing, if the automation chain can access arbitrary remote resources, the initial surface can be extremely tiny initially, once it's turned into an infiltrated agent, opening the doors from within is almost a guarantee.

Or am I missing something?

replies(2): >>45005666 #>>45050979 #
1. frozenport ◴[] No.45005666[source]
Yeah, we generally don’t give those permissions to agent based coding tools.

Typically running something like git would be an opt in permission.
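One way to make "git is opt-in" concrete, and to address the force-push-to-every-remote scenario raised in the parent comment, is a deny-by-default gate in the harness that sits between the agent's proposed shell command and its execution. The block below is an added example written for this thread; it is not code from any agent product or from either commenter. It assumes the agent hands the harness a command string, that the harness calls `evaluate()` before running anything, and that the human's opt-in arrives as the `git_opt_in` flag. The allowlists (`LOCAL_GIT`, `PLAIN_ALLOWLIST`, `DESTRUCTIVE_ARGS`) are illustrative choices, not a vetted policy: the criterion encoded is the one from the top comment, only commands whose effects git itself can roll back get through without a human in the loop.

```python
"""Deny-by-default command gate for a coding agent's shell tool.

Added example for this thread, not code from any agent product. It assumes
the agent proposes shell commands as plain strings and that a harness calls
evaluate() before executing anything. The allowlists are illustrative.
"""
import shlex
from dataclasses import dataclass

# Chaining, substitution and redirection are refused outright, so an injected
# "pytest; git push --force" cannot ride on an otherwise allowed program.
SHELL_OPERATORS = set(";&|`$<>(){}\n")

# git subcommands that only read or write the local tree/index and leave a
# trail git can roll back (reflog, stash list). Nothing here touches a remote.
LOCAL_GIT = {"status", "diff", "log", "show", "add", "commit", "stash"}

# Arguments that turn an otherwise local subcommand into one that discards work.
DESTRUCTIVE_ARGS = {"stash": {"drop", "clear"}}

# Non-git programs the agent may run without asking (illustrative).
PLAIN_ALLOWLIST = {"ls", "cat", "pytest", "python", "make"}


@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str


def evaluate(command: str, git_opt_in: bool = False) -> Decision:
    """Decide whether COMMAND may run. git_opt_in is the human's explicit grant."""
    bad = SHELL_OPERATORS.intersection(command)
    if bad:
        return Decision(False, f"shell operator(s) {sorted(bad)} not permitted")
    try:
        argv = shlex.split(command)
    except ValueError as exc:
        return Decision(False, f"unparseable command: {exc}")
    if not argv:
        return Decision(False, "empty command")

    prog = argv[0]
    if prog != "git":
        if prog in PLAIN_ALLOWLIST:
            return Decision(True, f"{prog} is on the allowlist")
        return Decision(False, f"{prog} is not on the allowlist")

    # git: the opt-in is checked first, then the subcommand policy.
    if not git_opt_in:
        return Decision(False, "git requires explicit opt-in")
    if len(argv) < 2:
        return Decision(False, "bare git invocation")
    sub = argv[1]
    if sub.startswith("-"):
        # -C <dir>, -c key=val, --git-dir ... can retarget the repository or
        # override config such as push.default or credential helpers.
        return Decision(False, f"global git option {sub!r} not permitted")
    if sub not in LOCAL_GIT:
        # push, fetch, pull, remote, reset, rebase, branch, clean, filter-branch:
        # anything that reaches a remote or rewrites history is denied by default.
        return Decision(False, f"git {sub} is not a local, reversible subcommand")
    destructive = set(argv[2:]) & DESTRUCTIVE_ARGS.get(sub, set())
    if destructive:
        return Decision(False, f"git {sub} with {sorted(destructive)} discards work")
    return Decision(True, f"git {sub} is local and reversible")


if __name__ == "__main__":
    for cmd in ["git status", "git commit -m 'wip'", "git push --force origin main",
                "pytest -q; git push --force", "git -C ../other reset --hard",
                "git stash drop", "rm -rf .git"]:
        print(f"{cmd!r:40} -> {evaluate(cmd, git_opt_in=True)}")
```

Two caveats a practitioner would want alongside this. First, even the "local" subcommands run hooks from `.git/hooks`, and `git commit` with a hook the agent wrote earlier is arbitrary code execution, so the gate only holds together with filesystem restrictions that keep the agent out of `.git`. Second, `git reset --hard` and `git clean` are denied here not because they are remote but because they undo the very rollback story the top comment relies on: the harness, not the agent, should own the snapshot-and-restore step.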