The article mentions that there’s an identification process and that at least some data has access control. What were you expecting?
You're wiring up a number of critical systems... and prompt injection here could be really bad. I worry about such systems with a single point of contact.
Reading through it, I didn't see any mention of write access. It looks like the agent is strictly read-only with access controls.