tomjwxf 1 days ago [-]
The staged autonomy pattern ("trust is earnable") maps directly to what we built with protect-mcp — shadow mode first (log everything, block nothing), then enforce when you've seen enough data to trust the policies.
For the prompt injection concern: protect-mcp wraps MCP tool calls with per-tool policies. Even if the agent gets injected, it can't call tools outside the policy. Every decision is optionally Ed25519-signed and verifiable offline.
npmjs.com/package/protect-mcp
Mrakermo 1 days ago [-]
hm, interesting! I like it. What I've done is that each step in the process is one agent. One agent gets one task, and only the tool to do it.
conception 1 days ago [-]
Nothing about prompt injection protections. This appears to be openclaw but trusting that you won’t silently expose all your (our) data.
Mrakermo 1 days ago [-]
So not openclaw. Prompt injection is a part of the backend, based on evals and a scorer, meaning that the right tool was called, and what each agent can expect.
Instead of having a lot of subagents getting their memory filled with previous runs, prompt injection can be a better way to really narrow down each subagent's actual task.
Messyflame 1 days ago [-]
How is it different from openclaw?
Mrakermo 1 days ago [-]
Openclaw is great, but it's still early adopters and often tech-savvy people who use it. This is for non-tech-savvy people in small companies that are still hesitant to let AI run their workflow, where n8n and Zapier take too much time to set up and maintain, or the if/then isn't working in their setting.
Openclaw = tech-savvy people, small team, really knows AI
Operator23 = Wants safe agents, super easy to set up, doing one task and learning about it.