alt Hacker NewsI wonder what robust protection would mean in practice for such a capable tool like an agent...
Looking at the trifecta axis, if we assume we can't control untrusted content, that leaves us to create safeguards for private data access and external communication.
Would it be enough if we had a buffer between when these two happened: access to the environment and access to the web?
Robust protection means blocking any mechanism by which the agent, once compromised, might communicate stolen information back to an attacker.