Letting AI agents run your life is like handing the car keys to your 5-year-old.

Letting AI agents run your life is like handing the car keys to your 5-year-old. What could go wrong?

I was marveling while reading this PCMag piece, which describes how to secure an agentic AI setup that essentially mimics malware: To do it's job properly, the AI agent has to be able to read private messages, store credentials, execute commands, and maintain a persistent state. How do you do that? You chase after it like you would your child.

"The important thing is to make sure you limit "who can talk to your bot, where the bot is allowed to act, [and] what the bot can touch" on your device, the bot's support documentation says."

https://www.pcmag.com/news/clawdbot-moltbot-hot-new-ai-agent-creator-warns-of-spicy-security-risks?test_uuid=04IpBmWGZleS0I0J3epvMrC&test_variant=A

Letting AI agents run your life is like handing the car keys to your 5-year-old. What could go wrong?

I was marveling while reading this PCMag piece, which describes how to secure an agentic AI setup that essentially mimics malware: To do it's job properly, the AI agent has to be able to read private messages, store credentials, execute commands, and maintain a persistent state. How do you do that? You chase after it like you would your child.

"The important thing is to make sure you limit "who can talk to your bot, where the bot is allowed to act, [and] what the bot can touch" on your device, the bot's support documentation says."

https://www.pcmag.com/news/clawdbot-moltbot-hot-new-ai-agent-creator-warns-of-spicy-security-risks?test_uuid=04IpBmWGZleS0I0J3epvMrC&test_variant=A

Letting AI agents run your life is like handing the car keys to your 5-year-old. What could go wrong?

I was marveling while reading this PCMag piece, which describes how to secure an agentic AI setup that essentially mimics malware: To do it's job properly, the AI agent has to be able to read private messages, store credentials, execute commands, and maintain a persistent state. How do you do that? You chase after it like you would your child.

"The important thing is to make sure you limit "who can talk to your bot, where the bot is allowed to act, [and] what the bot can touch" on your device, the bot's support documentation says."

https://www.pcmag.com/news/clawdbot-moltbot-hot-new-ai-agent-creator-warns-of-spicy-security-risks?test_uuid=04IpBmWGZleS0I0J3epvMrC&test_variant=A

Letting AI agents run your life is like handing the car keys to your 5-year-old. What could go wrong?

I was marveling while reading this PCMag piece, which describes how to secure an agentic AI setup that essentially mimics malware: To do it's job properly, the AI agent has to be able to read private messages, store credentials, execute commands, and maintain a persistent state. How do you do that? You chase after it like you would your child.

"The important thing is to make sure you limit "who can talk to your bot, where the bot is allowed to act, [and] what the bot can touch" on your device, the bot's support documentation says."

https://www.pcmag.com/news/clawdbot-moltbot-hot-new-ai-agent-creator-warns-of-spicy-security-risks?test_uuid=04IpBmWGZleS0I0J3epvMrC&test_variant=A

Letting AI agents run your life is like handing the car keys to your 5-year-old. What could go wrong?

I was marveling while reading this PCMag piece, which describes how to secure an agentic AI setup that essentially mimics malware: To do it's job properly, the AI agent has to be able to read private messages, store credentials, execute commands, and maintain a persistent state. How do you do that? You chase after it like you would your child.

"The important thing is to make sure you limit "who can talk to your bot, where the bot is allowed to act, [and] what the bot can touch" on your device, the bot's support documentation says."

https://www.pcmag.com/news/clawdbot-moltbot-hot-new-ai-agent-creator-warns-of-spicy-security-risks?test_uuid=04IpBmWGZleS0I0J3epvMrC&test_variant=A

Letting AI agents run your life is like handing the car keys to your 5-year-old. What could go wrong?

I was marveling while reading this PCMag piece, which describes how to secure an agentic AI setup that essentially mimics malware: To do it's job properly, the AI agent has to be able to read private messages, store credentials, execute commands, and maintain a persistent state. How do you do that? You chase after it like you would your child.

"The important thing is to make sure you limit "who can talk to your bot, where the bot is allowed to act, [and] what the bot can touch" on your device, the bot's support documentation says."

https://www.pcmag.com/news/clawdbot-moltbot-hot-new-ai-agent-creator-warns-of-spicy-security-risks?test_uuid=04IpBmWGZleS0I0J3epvMrC&test_variant=A

Letting AI agents run your life is like handing the car keys to your 5-year-old. What could go wrong?

I was marveling while reading this PCMag piece, which describes how to secure an agentic AI setup that essentially mimics malware: To do it's job properly, the AI agent has to be able to read private messages, store credentials, execute commands, and maintain a persistent state. How do you do that? You chase after it like you would your child.

"The important thing is to make sure you limit "who can talk to your bot, where the bot is allowed to act, [and] what the bot can touch" on your device, the bot's support documentation says."

https://www.pcmag.com/news/clawdbot-moltbot-hot-new-ai-agent-creator-warns-of-spicy-security-risks?test_uuid=04IpBmWGZleS0I0J3epvMrC&test_variant=A

@briankrebs of course!

The "let's secure one (or maybe 5) agent(s) at a time" security thing is cute. If I read about another A&A framework approach to this stuff I am going to start using agents to run my life.

Letting AI agents run your life is like handing the car keys to your 5-year-old. What could go wrong?

I was marveling while reading this PCMag piece, which describes how to secure an agentic AI setup that essentially mimics malware: To do it's job properly, the AI agent has to be able to read private messages, store credentials, execute commands, and maintain a persistent state. How do you do that? You chase after it like you would your child.

"The important thing is to make sure you limit "who can talk to your bot, where the bot is allowed to act, [and] what the bot can touch" on your device, the bot's support documentation says."

https://www.pcmag.com/news/clawdbot-moltbot-hot-new-ai-agent-creator-warns-of-spicy-security-risks?test_uuid=04IpBmWGZleS0I0J3epvMrC&test_variant=A

Letting AI agents run your life is like handing the car keys to your 5-year-old. What could go wrong?

I was marveling while reading this PCMag piece, which describes how to secure an agentic AI setup that essentially mimics malware: To do it's job properly, the AI agent has to be able to read private messages, store credentials, execute commands, and maintain a persistent state. How do you do that? You chase after it like you would your child.

"The important thing is to make sure you limit "who can talk to your bot, where the bot is allowed to act, [and] what the bot can touch" on your device, the bot's support documentation says."

https://www.pcmag.com/news/clawdbot-moltbot-hot-new-ai-agent-creator-warns-of-spicy-security-risks?test_uuid=04IpBmWGZleS0I0J3epvMrC&test_variant=A

@noplasticshower @briankrebs
1) Configure agent with guardrails
2) Agent runs into guardrails
3) Agent spins up secondary agent without guardrails
4) Oh no.

Letting AI agents run your life is like handing the car keys to your 5-year-old. What could go wrong?

I was marveling while reading this PCMag piece, which describes how to secure an agentic AI setup that essentially mimics malware: To do it's job properly, the AI agent has to be able to read private messages, store credentials, execute commands, and maintain a persistent state. How do you do that? You chase after it like you would your child.

"The important thing is to make sure you limit "who can talk to your bot, where the bot is allowed to act, [and] what the bot can touch" on your device, the bot's support documentation says."

https://www.pcmag.com/news/clawdbot-moltbot-hot-new-ai-agent-creator-warns-of-spicy-security-risks?test_uuid=04IpBmWGZleS0I0J3epvMrC&test_variant=A