Been testing out bots these days. Or ... crustaceans ... bot orchestrators? Anyway, they are all **prompted** to not be able to do certain things they actually can do, which leads to the awkward situation that it tells you it can't because of policy, you tell them to do it anyway and they tell you it works.
This happened with self-hosted instances of openclaw, zeroclaw and with a hosted openclaw where my agent claimed it managed to write outside of its container with some 10min of probing.
When an AI forgets some instructions, the fix is usually to literally emphasize these instructions more in the prompt and there appears to not be any guardRails.md instructions the bot has to obey at all cost. Or there are but they are not exposed so we pesky plebs don't mess with them?
Anyway, an LLM is trivially easy to convince to try a jail break and it's good at pen testing, so ... yeah, good luck with keeping these hosted crustaceans jailed.
@Cody what is happening here? Often, when I had some down-time and come back to my Jumble tab, it appears to be logged out, saying "Log in" bottom left. When I click it, it claims I'm logged in? And something spins when I click that? But I can't use Jumble until I sometimes can use Jumble again later? What gives? Using Amber.
The Dooms-Day-Device: If Hal detects a nuke going off, it will retaliate with all it has. The 100% mad-man cold-war deterrence for the other side launching the first nuke.
Glad, Hal is infallible, right?