redwoodresearch.substack.com/p/comparing-risk-from-internally-deployed/comment/128678625
Preview meta tags from the redwoodresearch.substack.com website.
Linked Hostnames
2Thumbnail

Search Engine Appearance
Varun Godbole on Redwood Research blog
I wonder if we're just very early in all this. I suspect that you're right that AI agents operating within a company's internal systems will likely need lots of wide-ranged access to be considered useful. At the same time, I don't think that existing infra for managing ACLs has really kept up with the idea of "AI agents". For example, a lot of REST APIs using OAuth2 used by agents work by impersonating the user. But I suspect that many APIs will soon need to allow users to manage robotic accounts. There's also an ouroborous pattern here, where it seems inevitable that folks will use LLMs to decipher and act on a gradually increasing array of permissions...
Bing
Varun Godbole on Redwood Research blog
I wonder if we're just very early in all this. I suspect that you're right that AI agents operating within a company's internal systems will likely need lots of wide-ranged access to be considered useful. At the same time, I don't think that existing infra for managing ACLs has really kept up with the idea of "AI agents". For example, a lot of REST APIs using OAuth2 used by agents work by impersonating the user. But I suspect that many APIs will soon need to allow users to manage robotic accounts. There's also an ouroborous pattern here, where it seems inevitable that folks will use LLMs to decipher and act on a gradually increasing array of permissions...
DuckDuckGo
Varun Godbole on Redwood Research blog
I wonder if we're just very early in all this. I suspect that you're right that AI agents operating within a company's internal systems will likely need lots of wide-ranged access to be considered useful. At the same time, I don't think that existing infra for managing ACLs has really kept up with the idea of "AI agents". For example, a lot of REST APIs using OAuth2 used by agents work by impersonating the user. But I suspect that many APIs will soon need to allow users to manage robotic accounts. There's also an ouroborous pattern here, where it seems inevitable that folks will use LLMs to decipher and act on a gradually increasing array of permissions...
General Meta Tags
16- titleComments - Comparing risk from internally-deployed AI to insider and outsider threats from humans
- title
- title
- title
- title
Open Graph Meta Tags
7- og:urlhttps://redwoodresearch.substack.com/p/comparing-risk-from-internally-deployed/comment/128678625
- og:imagehttps://substackcdn.com/image/fetch/$s_!0h0E!,f_auto,q_auto:best,fl_progressive:steep/https%3A%2F%2Fredwoodresearch.substack.com%2Ftwitter%2Fsubscribe-card.jpg%3Fv%3D1467347670%26version%3D9
- og:typearticle
- og:titleVarun Godbole on Redwood Research blog
- og:descriptionI wonder if we're just very early in all this. I suspect that you're right that AI agents operating within a company's internal systems will likely need lots of wide-ranged access to be considered useful. At the same time, I don't think that existing infra for managing ACLs has really kept up with the idea of "AI agents". For example, a lot of REST APIs using OAuth2 used by agents work by impersonating the user. But I suspect that many APIs will soon need to allow users to manage robotic accounts. There's also an ouroborous pattern here, where it seems inevitable that folks will use LLMs to decipher and act on a gradually increasing array of permissions...
Twitter Meta Tags
8- twitter:imagehttps://substackcdn.com/image/fetch/$s_!0h0E!,f_auto,q_auto:best,fl_progressive:steep/https%3A%2F%2Fredwoodresearch.substack.com%2Ftwitter%2Fsubscribe-card.jpg%3Fv%3D1467347670%26version%3D9
- twitter:cardsummary_large_image
- twitter:label1Likes
- twitter:data11
- twitter:label2Replies
Link Tags
33- alternate/feed
- apple-touch-iconhttps://substackcdn.com/image/fetch/$s_!dXu3!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0d382275-365e-4d62-bf76-f59fd0592028%2Fapple-touch-icon-57x57.png
- apple-touch-iconhttps://substackcdn.com/image/fetch/$s_!yqWx!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0d382275-365e-4d62-bf76-f59fd0592028%2Fapple-touch-icon-60x60.png
- apple-touch-iconhttps://substackcdn.com/image/fetch/$s_!hPZ0!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0d382275-365e-4d62-bf76-f59fd0592028%2Fapple-touch-icon-72x72.png
- apple-touch-iconhttps://substackcdn.com/image/fetch/$s_!U-0e!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0d382275-365e-4d62-bf76-f59fd0592028%2Fapple-touch-icon-76x76.png
Links
13- https://redwoodresearch.substack.com
- https://redwoodresearch.substack.com/p/comparing-risk-from-internally-deployed/comment/128678625
- https://redwoodresearch.substack.com/p/comparing-risk-from-internally-deployed/comments#comment-128678625
- https://substack.com
- https://substack.com/@vgodbole/note/c-128678625