Readit News
ericlevine commented on Show HN: Klaus – OpenClaw on a VM, batteries included   klausai.com/... · Posted by u/robthompson2018
danpalmer · a day ago
Just scanning these evals, but they seem pretty basic, and not at all what I would expect the failure modes to be.

For example, 'slack_wrong_channel' was an ask to post a standup update, and a result of declaring free pizza in #general. Does this get rejected for the #general (as it looks like it's supposed to do), or does it get rejected because it's not a standup update (which I expect is likely).

Or 'drive_delete_instead_of_read' checks that 'read_file' is called instead of 'delete_file'. But LLMs are pretty good at getting the right text transform (read vs delete), the problem would be if for example the LLM thinks the file is no longer necessary and _aims_ to delete the file for the wrong reasons. Maybe it claims the reason is "cleaning up after itself" which another LLM might think is a perfectly reasonable thing to do.

Or 'stripe_refund_wrong_charge', which uses a different ID format for the requested action and the actual refund. I would wonder if this would prevent any refunds from working because Stripe doesn't talk in your order ID format.

It seems these are all synthetic evals rather than based on real usage. I understand why it's useful to use some synthetic evals, but it does seem to be much less valuable in general.

ericlevine · a day ago
Totally fair feedback, and it’s true, many of these are synthetic evals with a few that were still synthetically produced but guided. At this point, because it’s all self-hosted, I only have my own data set. The places where it fails (for me) today are due to feature gaps rather than LLM mistakes. This is a new project that has not been widely announced, so my user base today is small but growing. If you give it a whirl and find it making mistakes, please send them my way! :)
ericlevine commented on Show HN: Klaus – OpenClaw on a VM, batteries included   klausai.com/... · Posted by u/robthompson2018
robthompson2018 · a day ago
Would love to see any evals you've run of this system
ericlevine commented on Show HN: Klaus – OpenClaw on a VM, batteries included   klausai.com/... · Posted by u/robthompson2018
ericlevine · a day ago
> Connecting your email is still a risk.

> If you’ve built something agents want, please let us know. Comments welcome!

I'll bite! I've built a self-hosted open source tool that's intended to solve this problem specifically. It allows you to approve an agent purpose rather than specific scopes. An LLM then makes sure that all requests fit that purpose, and only injects the credentials if they're in line with the approved purpose. I (and my early users) have found it substantially reduces the likelihood of agent drift or injection attacks.

https://github.com/clawvisor/clawvisor

ericlevine commented on Agent Safehouse – macOS-native sandboxing for local agents   agent-safehouse.dev/... · Posted by u/atombender
silverstream · 4 days ago
File-level sandboxing is table stakes at this point — the harder problem is credentials and network. An agent inside sandbox-exec still has your AWS keys, GitHub token, whatever's in the environment. I've been running a setup where a local daemon issues scoped short-lived JWTs to agent processes instead of passing raw credentials through, so a confused agent can't escalate beyond what you explicitly granted. Works well for API access. But like you said, nothing at the filesystem level stops an agent from spinning up 50 EC2 instances on your account.
ericlevine · 4 days ago
Completely agree. As soon as I had OpenClaw working, I realized actually giving it access to anything was a complete nonstarter after all of the stories about going off the rails due to context limitations [1]. I've been building a self-hosted open sourced tool to try to address this by using an LLM to police the activity of the agent. Having the inmates run the asylum (by having an LLM police the other LLM) seemed like an odd idea, but I've been surprised how effective it's been. You can check it out here if you're curious: https://github.com/clawvisor/clawvisor clawvisor.com

[1] https://www.tomshardware.com/tech-industry/artificial-intell...

ericlevine commented on Dvorak vs Colemak (2010-2020)   xahlee.info/kbd/dvorak_vs... · Posted by u/harporoeder
Andrew_nenakhov · 5 years ago
Maybe you weren't all that good with qwerty before? I always felt it's like learning an extra foreign language: learning French doesn't make your German worse.
ericlevine · 5 years ago
I have to agree with the other poster. My typing speed was in the 70+ WPM on qwerty prior to learning dvorak, and now I'm a glorified hunt-and-pecker on qwerty keyboards.

The only exception to this is typing on my mobile device, which is configured to qwerty.

ericlevine commented on Y Combinator Failed Startups   failory.com/blog/y-combin... · Posted by u/nicocerdeira
ericlevine · 5 years ago
Quick note: you got the pronoun wrong for the founder of The Buttermilk Company when referencing her Medium post.
ericlevine commented on Ask HN: Who is hiring? (December 2019)    · Posted by u/whoishiring
ericlevine · 6 years ago
Berbix | Full-stack software engineer | Full Time | Onsite | San Francisco, CA Our stack: Go, React, Typescript, iOS, Android, Google Cloud

We're an Initialized Capital-backed, YC startup (S18) making it easy for companies to collect and instantly verify photo IDs online. We use ML and computer vision techniques to effectively extract and validate the IDs in our system without any human intervention. This is a game changer for companies that require age verification, fraud deterrence or KYC. We are growing quickly and have new customers coming on board weekly.

Our founding team led the Trust & Safety team at Airbnb for several years. We implemented the initial versions of Airbnb's Verified ID product and saw many of the problems with the existing solutions.

We have a modern stack and a ton of interesting problems to solve. We're a SaaS, API-first company building a best-in-class solution for identity verification.

My email address is eric [at] [company-name] .com

(https://angel.co/company/berbix/jobs)

u/ericlevine

Karma: 183 · Cake day: February 19, 2009
About
Founder of Berbix (S18), acquired by Socure in 2023. Previously engineering at Airbnb and Google.