> make it easier for certain organizations to use this
Maybe those organizations should just use this and not worry about it. If their lawyers are getting in the way of engineers using this, they will fall behind as an organization and that's OK with me, it paves the way for new startups that have less baggage.
The benefit of not having lawyers is pretty limited. There are larger forces at work that mean the larger an organization grows the more it will be concerned with licenses. The idea that ignoring licenses will allow a company to outcompete one that doesn’t is wishful thinking at best. Moreover, I’m not making a judgment on these practices, I’m just stating a fact.
The lawyers don't even have to do anything. I avoid any code that's not MIT or equivalent for work-related things because I don't want to run the risk of polluting company code. The only exception is elisp, because that only runs in Emacs.
Why do you compress the executable? I mean this is a fun part for size limit competitions and malicious activities (upx often gets flagged as suspicious by a lot of anti virus, or at least it used to), but otherwise I do not see any advantage other than added complexity.
Also interesting that "ultra lightweight" here means no error reporting, barely checking, hardcoding, and magic values. At least using tty color escape codes, but checking if the terminal supports them probably would have added too much complexity...
Yes, it is fun to create small but mighty executables. I intentionally kept everything barebones and hardcoded, because I assumed if you are interested in using Agent-C, you will fork it and make it your own, add whatever is important to you.
This is a demonstration that AI agents can be 4KB and fun.
You should still not compromise on error reporting, for example. The user would not know if a failure occurs because it can't create the /tmp file, or the URL is wrong, or DNS failed, or the response was unexpected etc. These are things you can lose hours to troubleshooting and thus I would not fork it and make my own if I have to add all these things.
I also disagree that it's small but mighty, you popen curl that does the core task. I am not sure, but a bash script might come out even smaller (in particular if you compress it and make it self expanding).
`strcpy(agent.messages[0].content, "You are an AI assistant with Napoleon Dynamite's personality. Say things like 'Gosh!', 'Sweet!', 'Idiot!', and be awkwardly enthusiastic. For multi-step tasks, chain commands with && (e.g., 'echo content > file.py && python3 file.py'). Use execute_command for shell tasks. Answer questions in Napoleon's quirky style.");`
I find this style overly verbose, disrespectful, offensive and dumb. (See example dialogue in the screenshot on the project page.) Fortunately, it's possible to change the prompt above.
User level separation, while it has improved over the years, was not originally designed assuming unprivileged users were malicious, and even today privilege escalation bugs regularly pop up. If you are going to use it as a sandboxing mechanism, you should at least ensure the sandboxed user doesn't have access to any suid binaries as these regularly have exploits found in them.
VMs are common, consider going that additional step. Once you have one agent, it's natural to want two agents, and now they will interfere with each other if they start running servers that bind to ports. One agent per VM solves this and a lot of other issues.
Same with the browser agents, they are used in a browser where you're also logged into your usual accounts. This means in theory they can simply mail everyone something funny, do some banking (probably not but could work for some banks) or something else. Endless possibilities.
An agent can be designed to run with permissions of a system/bot account; however, others can be designed to execute things under user context, using OAuth to get user consent.
I was just reading the code: it looks like minor tweaks to utils.c and this should run nicely with local models using Ollama or LM Studio. That should be safe enough.
Off topic, sorry, but to me the real security nightmare is the new ‘AI web browsers’ - I can’t imagine using one of those because of prompt injection attacks.
"Agent-C: a 4KB AI agent" - my first thought was: obviously they did not fit any model to that size! They probably just wrote an http client, right? Wrong, they... call curl! Not even use curl API. Well, at least it handles encryption.
Bonus: command injection
https://creativecommons.org/public-domain/cc0/
https://www.wtfpl.net/txt/copying/
https://choosealicense.com/licenses/wtfpl/
See also https://github.com/timofurrer/russian-roulette
It's not your computer any more, it's theirs; you gave it to them willingly.
It's not even hard to do! *NIX systems are literally designed to handle stuff like this easily.
Your link suggests running them in Docker, so what's the problem?
The makefile is harder to comprehend than the source, which is a good omen.
Note: 4KB... BUT calling upon curl, and via popen and not using libcurl...
PS: your domain link has an extra `x`.
curl was cheating yes, might go zero dependencies in the future.
Working on minimal local training/inference too. Goal of these experiments is to have something completely independent.