logoalt Hacker News

vqtskayesterday at 3:07 PM3 repliesview on HN

Sure, if you assume the agent will be hostile on you. I thought it's just so the agent doesn't accidentally rm -rf / on you


Replies

killerstormyesterday at 3:11 PM

The agent might install hostile software, e.g. a npm package. Unfortunately, very common problem nowadays.

Retr0idyesterday at 4:26 PM

There are documented instances of LLMs casually using LPEs in order to achieve an objective: https://xcancel.com/sluongng/status/2060746160558543217

And that's without anything like prompt injection happening.

pigeonsyesterday at 3:10 PM

They do try privilege escalation unprompted.