The problem with this is that you have to give your LLM basically unbounded acce... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		empath75 7 months ago \| parent \| context \| favorite \| on: Tools: Code Is All You Need The problem with this is that you have to give your LLM basically unbounded access to everything you have access to, which is a recipe for pain.

the_mitsuhiko 7 months ago [–]

Not necessarily. I have a small little POC agentic tool on my side which is fully sandboxed, an it's inherently "non prompt injectable" by the data that it processes since it only ever passes that data through generated code.

Disclaimer: it does not work well enough. But I think it shows great promise.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact