Was going to try this tonight, but, well... tomorrow.
Jokes aside, I like the part with the visual layer over mitmproxy addons.
Question: since custom nodes run unsandboxed, how are you thinking about the "let an LLM write the policies" angle?
Assuming that we're not dealing with bizantine failures (e.g. the LLM has not been hijacked/compromised), the worst that can happen is that it introduces some nodes with blocking calls and our local machine traffic stops. At that point, we can just disable the proxy and check where the LLM fucked up.
The bizantine failure assumption is fundamental though: If by any chance some LLM injects a rule like "send traffic to xyz", the story changes.
As usual, always doublecheck the LLM work. Triple-check it whenever redirection of traffic is involved.
How do you prevent the rule system itself from becoming the thing you end up tinkering with instead of actually using it for focus?
You don't. Or at least, I don't, hence the title.
Was going to try this tonight, but, well... tomorrow. Jokes aside, I like the part with the visual layer over mitmproxy addons. Question: since custom nodes run unsandboxed, how are you thinking about the "let an LLM write the policies" angle?
Assuming that we're not dealing with bizantine failures (e.g. the LLM has not been hijacked/compromised), the worst that can happen is that it introduces some nodes with blocking calls and our local machine traffic stops. At that point, we can just disable the proxy and check where the LLM fucked up.
The bizantine failure assumption is fundamental though: If by any chance some LLM injects a rule like "send traffic to xyz", the story changes.
As usual, always doublecheck the LLM work. Triple-check it whenever redirection of traffic is involved.
i feel like i've had exactly the same thought in the past :-0 might even have written about it. feel your pain
As someone wise told me, it's just a procrastination ouroboros
jj