Daniel Cheng

Chrome security team metaprogrammer
GitHub: github.com/zetafunction
@blinkygal @jyasskin There may be a future in which the total harm will be less. But until we have ways of comprehensively mitigating prompt injection, there are too many demonstrated ways to hijack agents for nefarious ends. The current solutions are patchwork and do not address the root causes.
@jyasskin That would be reasonable if agents were only vulnerable to exactly the same types of social engineering attacks that are effective on humans. But agents expose a lot of additional attack vectors via prompt injection, and are prone to errors that a human would never make.
@thakis When creating a shared memory region on Windows, Chrome aligns requested sizes up to the nearest 64k boundary. A TODO claims the extra alignment is only needed for NaCl. But when removed, a bunch of tests fail. It turns out that v8's heap sandbox also enforces this alignment with CHECKs, since 64k is the allocator granularity on Windows. It might be possible to relax v8's CHECKs… but the "simple cleanup" has turned into a far bigger task than I was planning.
On Wednesday, I tried a simple change to delete some NaCl-related code. Two days later, I've determined that I can't delete it after all, and I now know more about shared memory than I ever wanted to.
@ifsecure sadly, it's not that easy to remove XSLT. In fact, some of the Google style guides even use XSLT :)

"#Passkeys are useless to me because I use a fancy password manager and always look at the URL".

Yes but the other users of the site don't so you also have to pay the shitty 2fa tax like everyone else.

Also I promise you you can get phished.

I published a step-by-step guide on using Windows event logs to hunt for malware trying to steal sensitive data from browsers, e.g. cookies, passwords, etc. https://security.googleblog.com/2024/04/detecting-browser-data-theft-using.html #DFIR Hope it's useful!
Detecting browser data theft using Windows Event Logs

Posted by Will Harris, Chrome Security Team. Chromium's sandboxed process model defends well from malicious web content, but...

Google Online Security Blog
@evmar I thought that was neat as well! Though autoconf and friends generally just make me sad…
@PonderosaJohn I'm not sure what happened; however, the USB-C security keys I've used have a reputation of being a bit finicky to activate. I'm guessing the repeated physical forces broke a soldered connection.
@ipsquiggle Luckily I had a backup stashed away. But now I need to get a new backup 😂