alt Hacker NewsIt's absolute negligence for anyone to be installing anything at this point in this space. There is no oversight, hardly anyone looking at what's published, no automated scanning and there is no security model in place that works that isn't vulnerable to prompt injection.
We need to go back to the drawing board. You might as well just run curl https://example.com/script.sh | sudo bash at this point.
Replies
> You might as well just run curl https://example.com/script.sh | sudo bash at this point.
Hey I ran this command and after I gave it my root password nothing happened. WTH man? /s
Point being, yeah, it's a little bit like fire. It seems really cool when you have a nice glowing coal nestled in a fire pit, but people have just started learning what happens when they pick it up with their bare hands or let it out of its containment.
Short-term a lot of nefarious people are going to extract a lot of wealth from naive people. Long term? To me it is another nail in the coffin of general computing:
> The answer is not to stop building agents. The answer is to build the missing trust layer around them. Skills need provenance. Execution needs mediation.
Guess who is going to build those trust layers? The very same orgs that control so much of our lives already. Google gems are already non-transportable to other people in enterprise accounts, and the reasons are the same as above: security. However they also can't be shared outside the Gemini context, which just means more lock-in.
So in the end, instead of teaching our kids how to use fire and showing them the burns we got in learning, we're going teach them to fear it and only let a select few hold the coals and decide what we can do with them.
[dead]
It's far worse than that. `curl | bash` is at least a one-time thing coming from a single source. An autonomous agent like OpenClaw is more like running `slack | bash` or `mail | bash`.