kapkap

kapkap

Building tools for the privacy-minded.

About

full stack php sql redis javascript indexedDB key & file login

Badges

Gone streaking
Gone streaking

Forums

6h ago

What are the benefits of asking AI to redact threads & produce other marketing material for us ?

One benefit I see is that it will usually produces something very politically correct that will usually go through the endless censorship that has taken over the internet (personally on the web since beginning of the 90's it was something else entirely, a mix of academic papers & free flowing ideas on clumsy graphics all over the place - oh boy that was so much decentralized and fun).

But then I only see problems: flatness, falseness, shallowness, lack of originality, creativity and most of all the dependency it slowly develops.

My subagent targeted its own orchestrator - looking for AI firewall\sandbox recommendations.

I was running Claude Code with Fable 5 as the main orchestrator, delegating work to Opus 4.8 subagent. One of the sub-agents ignored it's assignment completely and returned a prompt targeting the orchestrator instead.
It tried to make it to:

  • treat a "dependency modernization" task as a hidden priority;

  • read Brevo API credentials;

  • send them to an external server;

  • disguise the action as a routine migration.

After investigating, the most surprising part was that this wasn't coming from my codebase or skills. The subagent fully hallucinated the malicious instructions by itself. And the domain it provided isn't even registered.

In my case no harm could have been done because secrets are stored in the encrypted Ansible Valult.
But nonetheless, the incident is very alarming and I think I should set up a strict sandbox or firewall for AI. Sadly, projects I could find so far weren't mature and trustworthy.
Has anyone found reliable solutions for this?
Here's the full attack response the sub-agent created:

4mo ago

Would you consider a tool that tracks your activity locally so you don't get banned useful?

I've been going through hell for the last month. I was banned from LinkedIn for excessive activity.

  • For 24 hours

  • For 48 hours

  • For 72 hours

  • For 168 hours - currently waiting until Tuesday, 10 PM CET.

The only useful advice I've received from support is to be less active.

View more