

sure but one would hope that if the agent is interpreting content from the web as instructions that there would be literally any security measure between the webpage and the agent - whether that’s some input sanitization, explicit user confirmation, or prohibiting the agent from interpreting web pages as instructions at all.
can you not just call me out by my full name here jeez
my favorite procrastination strategy is to clean my apartment instead of doing the thing i need to do because hey now my apartment is clean that's pretty sweet i've been meaning to do that (not that a clean apartment helps me do the thing i actually need to do in any way)