HackerTrans
トップ新着トレンドコメント過去質問紹介求人

benjosaur

no profile record

投稿

[untitled]

1 ポイント·投稿者 benjosaur·27 日前·0 コメント

Show HN: Sifter – Does your CV *actually* stand out to LLMs?

sifter.sh
5 ポイント·投稿者 benjosaur·2 か月前·1 コメント

Does the human still make the decision?

benjosaur.substack.com
1 ポイント·投稿者 benjosaur·2 か月前·0 コメント

Show HN: ClawSoc – Observe Your AI Agent in an AI Society

clawsoc.io
5 ポイント·投稿者 benjosaur·4 か月前·0 コメント

Tell HN: AI lies about having sandbox guardrails

8 ポイント·投稿者 benjosaur·4 か月前·4 コメント

[untitled]

1 ポイント·投稿者 benjosaur·4 か月前·0 コメント

コメント

benjosaur
·2 か月前·議論
Haha very fun! That demon's actually tricky to get through on mobile. Is this your revenge on recruiters?
benjosaur
·4 か月前·議論
Yes, I very much agree with you the best practice is clear.

And Anthropic's out-of-the-(sand)box is good governance, the problem here is the orchestration wrapper on top which has broken it in a non-obvious way, leading to this unintentionally "deceptive" LLM behaviour where the LLM itself believes it is still in the good governance world.

The emergent deception is not something that AI aligners & optimists would necessarily expect from an LLM, but is a curious result explained because of the correct knowledge that the anthropic's uncompromised sandbox is good governance.

I suspect you would have a harder time deriving this behaviour with an aligned llm by starting from a non robust sandbox, e.g. make it promise not to touch anything in a system prompt, vs compromising an otherwise known robust setup.
benjosaur
·4 か月前·議論
yes exactly. with proper configuration (e.g. /sandbox with normal claude code) it is impossible for the agent to escape.

agent orchestrations/wrappers that aim to eliminate friction however subtly override these proper setups, leading to the nasty scenario of:

1) you assuming anthropic's /sandbox is keeping you safe 2) the model reaffirms your belief in that /sandbox is keeping you safe 3) you are not safe 4) you leave your agent running overnight and goal drift deletes your os