HackerTrans
TopNewTrendsCommentsPastAskShowJobs

dheavy

no profile record

Submissions

Ask HN: How do you defend against prompt injection today?

1 points·by dheavy·5 माह पहले·1 comments

comments

dheavy
·5 माह पहले·discuss
Hi, thanks for posting this. I appreciate you not coming from engineering and being laser focused on product building.

There's a real gap identified (execution permission instead of output guardrails). The timing concern is valid (we're scaling agent framework way faster than security infrastructure — see Clawdbot-Moltbot). The default-deny + time-boxed permissions + audit logs is a solid model, easy to discuss at high-level with security teams in an org. The "Auth0 for AI Agents" framing is clear and positions it well.

Actually, the audit log piece is really huge. Having a complete execution trace with authorization decisions is invaluable for incident response. That alone might justify adoption even if the blocking mechanism is imperfect.

My concerns and questions:

- Where exactly does this sit? If it's between the agent and tool calls, that's relatively straightforward. If it needs to intercept arbitrary code execution or API calls, that's significantly harder.

- Adding another authorization layer means more setup, more policy configuration, more potential points of failure. Adoption challenge.

- Who defines what's "allowed"? In what format? How granular? Actually expressing "this agent can do X in context Y at time Z" in a way that's both powerful and usable, that's the whole ballgame (IMHO). I have in mind how complex AWS IAM policies got, and those are for relatively static systems. AI agents are dynamic, context-dependent, and probabilistic.

- By the time Reg sees a request to execute, the LLM has already decided. What happens when you block it? Does the agent gracefully handle denials and retry with different approaches?

I'd be interested in seeing real-world policy examples from your design partners. That'll tell you whether you've found the right abstraction layer.

Congratulations for just framing the idea and getting this far. Being very concerned about the current free-wheeling AI expansion with minimal security, I strongly believe this is going in the right direction and would like to know where this leads.
dheavy
·2 वर्ष पहले·discuss
Actually, "esprit d'escalier" is indeed used in French, though less commonly, especially outside of literary contexts. It refers specifically to the inability to come up with a timely response or comeback (and the frustration of finding the "perfect" reply when the conversation is already over). On the other hand, "présence d'esprit" has a broader usage in everyday language. It can mean having a quick and witty response (the opposite of "esprit d'escalier"), or more broadly, the sudden ability to judge and react appropriately in a situation.

edit: typo