Hacker News

dns_snek, yesterday at 4:47 PM (3 replies)

That's a great example of how dangerous actions are perceived as innocent. The entire model of approving specific commands is absolutely bonkers.

npm run build = run an arbitrary shell command written in package.json

Meanwhile the agent could have done any of the following without approval:

- edited `package.json` to contain any arbitrary build command
- planted malicious code in `build.js` (called by `npm run build`)
- planted malicious code in `node_modules/xyz/index.js` (imported by `build.js`)


Replies

nonethewiser, yesterday at 6:23 PM

Yup. The most secure computer is one encased in concrete and dropped into the ocean.

Wirbelwind, yesterday at 7:48 PM

That's a great point, and also the problem with relying on a human-in-the-loop to catch these kinds of issues when it can be circumvented even if they were perfect.

amarant, yesterday at 6:15 PM

What would a better system look like?
