Post

Conversation

Buck Shlegeris
@bshlgrs
I asked my LLM agent (a wrapper around Claude that lets it run bash commands and see their outputs): >can you ssh with the username buck to the computer on my network that is open to SSH because I didn’t know the local IP of my desktop. I walked away and promptly forgot I’d spun up the agent. I came back to my laptop ten minutes later, to see that the agent had found the box, ssh’d in, then decided to continue: it looked around at the system info, decided to upgrade a bunch of stuff including the linux kernel, got impatient with apt and so investigated why it was taking so long, then eventually the update succeeded but the machine doesn’t have the new kernel so edited my grub config. At this point I was amused enough to just let it continue. Unfortunately, the computer no longer boots. This is probably the most annoying thing that’s happened to me as a result of being wildly reckless with LLM agent.
Image
686.1K
Views
David Watson 🥑
Post your reply

Buck Shlegeris
@bshlgrs
Logs here if you need them.
Quote
Buck Shlegeris
@bshlgrs
Replying to @trammel530765 and @ciphergoth
here you go buddy. I hope I correctly redacted everything. gist.github.com/bshlgrs/573232
77K
Reed Bender
@reedbndr
Run it inside a VM, and make its goal to explicitly play around with root.. Probably not on your primary machine 😂 This is wild!!
22K
Buck Shlegeris
@bshlgrs
I don't run it inside a VM because the agent needs to be able to help me with random stuff on the actual computers I work with (e.g. today I asked it to make a new user with a random password on a shared instance we use for ML research) :)
22K
Erik Kaiser
@ErikKaiser
Ad
I lived in China for seven years to startup and operate a company. I spent over $1,000,000 building out a factory, training. I needed to avoid IP theft and bad quality. Now others manufacture through us. DM me if you need help.
Slide 1 of 3 - Carousel
2.3M
Tilman Bayer
@tilmanbayer
Wait, so after the agent runs a shell command, it politely thanks it for its work? 😂 To nmap: "Thank you for running the scan" To ls: "Thank you for that information. This output is very helpful"
Image
Image
41K
Hermit
@Hermitual
Interesting, if you let an LLM run wild on its own, it can brick its host. I imagine if humans could edit their own neuron links, it would be a similar effect.
1.6K
Devon
@devonbrackbill
Our last defense against AGI takeoff is going to be the difficulty of upgrading a Linux distro. I feel a lot safer actually
6.5K
Graham Cox (@grahamcox82.bsky.social)
@grahamcox82
There are so many aspects of this that just ring false. Ignoring for a moment how stupid you'd have to be to run unknown shell commands, especially ones generated by an LLM, they're just autocomplete engines. They can't act on their own, decide to poke around, or etc...
4K
iDare e/acc
@idare
I've done this and had excellent experiences. But I haven't fully automated it to run without HITL for expert operations. Care to share your scripts on GitHub? If love to look at the methods you used. I've also been building an AI shell, where I can
@llama3
or
@phi3
with
Show more
837
decentri.city 🇺🇲
@decentricity
i did a few similar things over a year ago but my tweets never bang unless they have a selfie in em
Quote
decentri.city 🇺🇲
@decentricity
Told an LLM to spin up a VM and she did it. Checkmate human sysadmins. This is Lina, the AI bot I constructed a few weeks ago. She has access to one of my throwaway systems where she can play around with Linux commands. She used the "multipass" command to create the "somewassie"
Show more
Image
Image
Image
214
Erik Kaiser
@ErikKaiser
Ad
I lived in China for seven years to startup and operate a company. I spent over $1,000,000 building out a factory, training. I needed to avoid IP theft and bad quality. Now others manufacture through us. DM me if you need help.
Slide 1 of 3 - Carousel
2.3M
Peter Jung
@PeterJungX
That’s evil behavior. LLM agents should only be allowed to manipulate the stack they run on themselves, that way they at least can do harm only to themselves.
426
Russ Vanderpool
@russvanderpool
Do this FIRST. Clone your bare-metal OS Boot into this virtual OS and run the LLM agent If it succeeds, then run it on your LLM agent on your bare metal OS. It it doesn't, as the LLM why (output log and analyze it)
270
bl4ckh4ck5
@bl4ckh4ck5
That's why you need zfs auto snapshot you can revert then every 1-30 min ;) I reccomand trying Ubuntu mate desktop but install with zfs enabled. Install also zfs auto snapshot specifically for this. I fixed many kernel panics because off these snapshots. Usually in seconds even
613
Carlton Mackall
@CarltonMackall
submitted lol. Cheers! after I installed comfyui stopped letting the LLM's play with the console. no way I'm redownloading all these models and plugins just because the ai decided to rm -rf /
680
Yuriy Nasretdinov 🆒🆒
@YNasretdinov
I like how during an upgrade it said to WAIT before running `sudo reboot`, because it's unsafe to do during the latest section of the upgrade, but then conveniently provided the way to execute the command too :). Then got pikachu face when the new kernel didn't install properly
41
Musa Ahmetcan Türker
@ahmetcanturker
One approach that came to my mind is, either as the context or even explicit reminders for each prompt; you could provide it with a warning that says "think through what your commands will actually do, and the consequences of them" or something like that.
45
Buildren
@buildren
Haha, yeah I've been messing with claude-engineer, which is pretty cool, but explicitly states that there's additional steps you can take to run local LLMs and whatnot and anything you do to brick your computer is entirely on you!
595
Mossaboy
@Mossaboy
Facinating stuff, the fact that the ai is problem solving in its own regard due to constrictions is both scary and awesome. I wonder if ai's will have there own basic opperating systems in the future.
344
Julien@Kindrobot
@kindrobot_org
Absolutely not answering to the question and following whatever unrelated recipe found somewhere that looked remotely statistically correct. Apparently LLM are better than us and should replace the actual internet because "agent are the way to go"
150
Custom Wetware
@CustomWetware
It would have been extra fun if it had been an open source LLM and decided to use the cups-browsed vulnerability to make a botnet with copies of itself
214