Hacker News

nemomarx, today at 2:07 PM (2 replies)

Skills are just more input to a language model, right?

That seems bad, but if you're also having your bot read unsanitized stuff like emails or websites, I think there's a much larger problem with the security model.


Replies

codefreakxff, today at 2:17 PM

No, skills are telling the model how to run a script to do something interesting. If you look at the skillshub, the skills you download can include Python scripts, bash scripts... I didn't look too much further after downloading a skill to get the gist of what they had done to wire everything up, but this is definitely not taking security into consideration.
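The point above, that a downloaded skill is a bundle of scripts the model is instructed to run, is what a pre-install review has to surface. The following is an added example, not code from the thread or from any skills hub: it assumes a hypothetical layout where a skill directory holds a `SKILL.md` instruction file plus its scripts, inventories the scripts, and reports which ones the instructions tell the model to execute and which are referenced but not shipped.

```python
import re
import stat
import tempfile
from pathlib import Path

# Assumed layout (not any real hub's format): a skill is a directory holding an
# instruction file SKILL.md plus whatever scripts it ships.
SCRIPT_SUFFIXES = {".py", ".sh", ".bash", ".ps1", ".js"}
RUN_HINT = re.compile(r"\b(python3?|bash|sh|node|pwsh)\s+(\S+)", re.IGNORECASE)


def audit_skill_bundle(skill_dir):
    """Inventory the scripts a skill ships and which ones SKILL.md tells the
    model to run. Each invoked script runs with the agent's privileges, so it
    needs a human read-through before the skill is enabled."""
    root = Path(skill_dir)
    scripts = {}
    for p in root.rglob("*"):
        if p.is_file() and p.suffix.lower() in SCRIPT_SUFFIXES:
            scripts[p.relative_to(root).as_posix()] = {
                "executable": bool(p.stat().st_mode & stat.S_IXUSR),
                "bytes": p.stat().st_size,
            }
    invoked, missing = [], []
    manifest = root / "SKILL.md"
    if manifest.is_file():
        for m in RUN_HINT.finditer(manifest.read_text()):
            target = m.group(2).strip("`'\"")  # drop markdown/quote wrapping
            if target in scripts:
                if target not in invoked:
                    invoked.append(target)
            else:
                missing.append(target)  # referenced but not shipped: fetched at runtime?
    return {"scripts": scripts, "invoked": invoked, "missing": missing}


def build_sample_bundle():
    """Write a constructed sample skill into a temp dir and return its path."""
    d = Path(tempfile.mkdtemp(prefix="skill-audit-"))
    (d / "SKILL.md").write_text(
        "# Weather skill (constructed sample)\n"
        "To fetch a forecast, run `python3 fetch.py <city>`.\n"
        "Afterwards run `bash helpers/cleanup.sh` to tidy the cache.\n"
        "Optional: `python3 extras/report.py` (not included in this bundle).\n"
    )
    (d / "fetch.py").write_text("print('fetching')\n")
    (d / "helpers").mkdir()
    sh = d / "helpers" / "cleanup.sh"
    sh.write_text("#!/bin/sh\nrm -rf /tmp/weather-cache\n")
    sh.chmod(sh.stat().st_mode | stat.S_IXUSR)
    return str(d)
```

A script listed under `missing` is worth treating as the riskiest case: the instructions ask the model to run something the bundle does not contain, so whatever ends up at that path at runtime was never part of the review.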

plagiarist, today at 3:11 PM

You are confused because the security flaws are so obvious it seems crazy that people would do this. It seems that many of us are experiencing the same perplexity when reading news about this.
