AI agents


Tim Macpherson
Dec 30, 2025, 2:25:14 PM
to GWT Users


Following on from a recent post about AI, I use basic ChatGPT or Gemini. Should I be using AI agents such as Claude Code, OpenAI's Codex, etc.? My current AI usage is OK for specifics but awful at remembering things.

Jens
10:53 AM
to GWT Users
What is your goal? AI agents running locally are usually a security nightmare (data deletion, secret exfiltration via prompt injection) so you have two choices:

1.) Babysit them all the time and review, understand and confirm any command the agent wants to execute. Otherwise it might delete your drive accidentally and feel really sorry about it, or it reads an untrusted website with some prompt-injection sections, which causes the model to do something totally different. As a middle ground you can allow read/search commands by default but still review everything else.

2.) Run the agent autonomously in a secure environment to protect your local data. This can be a local VM, a local Docker container (e.g. use devcontainers for development in general, or just run the agent in a container) or an OS-provided sandbox mechanism. Then you make only the required folders accessible to the environment (and thus to the AI agent). If your agent should use the internet for research, then you must control network requests (e.g. allowed domains).

Depending on the code size and the task complexity, an AI agent is relatively slow, as it does a lot of research in the code base first before implementing stuff. So if you work on a laptop it might be annoying to wait for the agent to complete. So the last option is using agents in the cloud, which also solves the security issue for your local data, as the cloud solutions usually must clone your repository from somewhere.

-- J.
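A concrete shape for option 2 in the post above, as an added example that is not part of Jens's post or of any agent vendor's tooling: a POSIX shell launcher that mounts only the project directory into the container, drops capabilities and privilege escalation, and either disables networking entirely ("offline") or attaches the agent to an internal Docker network whose only other member is an allowlisting forward proxy ("research"). The image name `my-agent:latest`, the proxy container name `egress-proxy`, the proxy image `PROXY_IMAGE` and the `/etc/allowlist` mount path are assumptions; the proxy's own allowlist configuration is product-specific and not shown. The functions only print the `docker` commands; nothing is executed unless `AGENT_LAUNCH=1` is set.

```shell
#!/bin/sh
# Sandboxed coding-agent launcher. Added example; not from the thread.
# Assumptions (hypothetical names): AGENT_IMAGE is an image with the agent
# CLI installed, PROJECT_DIR is the ONLY host directory the agent may see
# (mounted at /work; no $HOME, no ~/.ssh, no other repos), and in research
# mode an HTTP(S) forward proxy container PROXY_NAME enforces the domain
# allowlist and is the only host reachable from the agent's network.
AGENT_IMAGE="${AGENT_IMAGE:-my-agent:latest}"
PROXY_IMAGE="${PROXY_IMAGE:-egress-proxy-image:latest}"
PROXY_NAME="${PROXY_NAME:-egress-proxy}"
PROXY_PORT="${PROXY_PORT:-3128}"
SANDBOX_NET="${SANDBOX_NET:-agent-egress}"

# Hardening flags shared by both modes, one per line so they can be inspected
# without running docker. --read-only makes the image filesystem immutable;
# the bind-mounted project and a noexec /tmp are the only writable places.
hardening_flags() {
    cat <<EOF
--rm
--read-only
--tmpfs /tmp:rw,noexec,nosuid,size=512m
--cap-drop ALL
--security-opt no-new-privileges
--pids-limit 512
--memory 4g
--user 1000:1000
EOF
}

# One-time setup for research mode. --internal gives the agent's network no
# route to the host uplink; the proxy is additionally connected to the default
# bridge, so it alone can reach the internet and applies the domain allowlist
# (one domain per line in $1; how the proxy reads it is proxy-specific).
egress_setup_cmds() {
    allowlist="$1"
    cat <<EOF
docker network create --internal $SANDBOX_NET
docker run -d --name $PROXY_NAME --network $SANDBOX_NET -v $allowlist:/etc/allowlist:ro $PROXY_IMAGE
docker network connect bridge $PROXY_NAME
EOF
}

# Print the docker run command for the agent.
#   $1 = project directory (the only thing mounted from the host)
#   $2 = "offline" (no network at all, the default) or "research"
#        (only the allowlisting proxy is reachable, via HTTP(S)_PROXY)
agent_run_cmd() {
    project_dir="$1"
    mode="${2:-offline}"
    case "$mode" in
        offline)
            net_args="--network none" ;;
        research)
            net_args="--network $SANDBOX_NET -e HTTP_PROXY=http://$PROXY_NAME:$PROXY_PORT -e HTTPS_PROXY=http://$PROXY_NAME:$PROXY_PORT -e NO_PROXY=localhost" ;;
        *)
            echo "agent_run_cmd: unknown mode '$mode' (offline|research)" >&2
            return 2 ;;
    esac
    printf 'docker run %s%s -v %s:/work -w /work %s\n' \
        "$(hardening_flags | tr '\n' ' ')" "$net_args" "$project_dir" "$AGENT_IMAGE"
}

# Actually launch only when explicitly asked, e.g.
#   AGENT_LAUNCH=1 sh sandbox.sh /path/to/repo research
if [ "${AGENT_LAUNCH:-0}" = "1" ]; then
    cmd="$(agent_run_cmd "$1" "$2")" || exit $?
    echo "$cmd"
    eval "$cmd"
fi
```

The offline mode is the safe default for code edits; prompt injection via a fetched web page is only possible in research mode, and there the proxy allowlist bounds both what the agent can read and where it could exfiltrate anything it finds under /work. Review the allowlist as carefully as you would review the agent's commands in option 1.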

Tim Macpherson
11:49 AM
to google-we...@googlegroups.com
Thanks, I heard the agents in the cloud can be a security risk for proprietary code, but there are options to keep it private. Thinking about it, an agent would be overkill for my purposes; I just want something that doesn't have to be constantly corrected because it's forgotten my current stack. It can just about remember that I'm using Java GWT and D3.js, memory of a 4-year-old.
To view this discussion visit https://groups.google.com/d/msgid/google-web-toolkit/9585ff0f-015e-4344-931f-6610ae632644n%40googlegroups.com.