Thanks for the insight!

I think this is exactly why some of the work is moving away from “assume unrestricted API inference forever.”

For example, we’re prototyping ideas like air-gapped or very low-bandwidth inference gateways, where interaction happens over narrow channels (serial, optical, audio, etc.), with explicit threat models and monitoring. The point isn’t that this’s practical for today’s models, but to reason about what inference might look like for AGI/ASI-level systems where the risk profile is fundamentally different.

Others are thinking along similar lines too. For example, this SPAR project on constrained and minimal inference pathways: https://sparai.org/projects/sp26/rec7NyTst8Upfp83l