zlacker

[return to "Clawdbot - open source personal AI assistant"]
1. hexspr+G5[view] [source] 2026-01-26 01:17:52
>>KuzeyA+(OP)
Clawdbot finally clicked for me this week. I was renting out an apartment and I had it connect to FB messenger, do the initial screening messages and then schedule times for viewings in my calendar. I was approving it's draft messages but starting giving it some automatic responses as well. Overall it did 9/10 on this task with a couple cases where it got confused. This is just scratching the surface but this was something that was very valuable for me and saved me several hours of time.
◧◩
2. gmerc+ec[view] [source] 2026-01-26 02:07:25
>>hexspr+G5
Wait until you figure out prompt injection. It's wild
◧◩◪
3. cztoms+741[view] [source] 2026-01-26 11:23:43
>>gmerc+ec
I'm following Owain Evans on X and some of the papers they've been sharing are much worse. IIRC there was something with fine-tuning a LLM to be bad actor, then letting it spit out some text, and if that response was copy-pasted into the context of the ORIGINAL LLM (no fine-tune) it was also "infected" with this bad behavior.

And it makes a lot of sense, the pre-training is not perfect, it's just the best of what we can do today and the actual meaning leaks through different tokens. Then, QKV lets you rebuild the meaning from user-provided tokens, so if you know which words to use, you can totally change the behavior of your so-far benign LLM.

There was also paper about sleeper agents and I am by no way a doomer but the LLM security is greatly underestimated, and the prompt injection (which is impossible to solve with current generation of LLMs) is just the tip of the iceberg. I am really scared of what hackers will be able to do tomorrow and that we are handing them our keys willingly.

[go to top]