My friends and I were talking about the recent supply chain attack which harmlessly installed OpenClaw. We came to the conclusion that this was a warning (from a human) that an agent could easily do the same. Given how soft security is in general, AI "escaping containment" feels inevitable. (The strong form of that hypothesis where it subjugates or eliminates us isn't inevitable, I honestly have no idea, just the weak form where we fail to erect boundaries it cannot bypass. We've basically already failed.)

This is why I wrote yoloAI

My agents always run with —-dangerously-skip-permissions now, but they can no longer do any harm.

https://github.com/kstenerud/yoloai

Claude is able to turn off it's own sandbox, so ya.