NAL but I'd be worried about treading into CFAA territory with things like this. In the US, the law allows draconian penalties if you find yourself on the wrong side.
Something like yt-dlp is just downloading public data, which I can see being defensible as automating the use of a service.
But this commandeers remote machine resources to do your compute in ways clearly not intended by the provider. I don't know how ethical it is, but I definitely wouldn't want to argue this isn't "hacking" (the bad kind) in criminal court.
hn_throwaway_99 7 hours ago [-]
Not to mention, did this "hack" ever really work? When the original post went viral showing the Chipotle chatbot reversing a linked list, I (among others who posted their results online) immediately tried it and didn't get the same results, so I always assumed it was just a faked screenshot.
qurren 5 hours ago [-]
They probably added something to the prompt after that viralness and then it was a cat and mouse game to jailbreak it
Shadowmist 6 hours ago [-]
Their chat bot is pretty bad so who knows.
avaer 6 hours ago [-]
Whether something ever worked is not correlated with traction in a world where verification is measured by likes.
arthurcolle 5 hours ago [-]
You really think someone would do that? Lie on the internet?
qingcharles 6 hours ago [-]
And if you think CFAA is bad, then the states have even harsher versions too. Illinois' version specifically criminalizes any violation of a ToS.
oneneptune 4 hours ago [-]
I once saw the bad side of one of these draconian state laws many years ago. People rarely have the misfortune of hitting these laws in some flyover states... and I remember the local judge being really shocked by the mandated penalties for such a simple offense.
jawns 7 hours ago [-]
Yeah, this is not slap on the wrist stuff. I think the creator expects nothing more than a C&D letter, but they could face prison time if a zealous federal prosecutor wants to make an example of them.
hootz 7 hours ago [-]
And with direct links to his pesonal profile and company. Uh...
pixl97 5 hours ago [-]
EvilNote: Put links to LinkedIn lunatics sites when committing crimes instead of my own.
notcfaa 2 hours ago [-]
[dead]
egeozcan 5 hours ago [-]
I always thought that stuffing too much into an LLM context window was a lot like overloading a burrito.Keep cramming stuff in and eventually the tortilla gives out, and everything you added since quietly spills out the bottom.
Anyway, this agent probably has the structural integrity of a fat burito held from one corner :)
jedbrooke 6 hours ago [-]
I’d been thinking about if something like this would be possible for https://chatjimmy.ai/ . The underlying model is only llama 3 8B but I’m curious what coding harnesses would be like at 17k tok/s
tomashubelbauer 3 hours ago [-]
If you're on macOS you can try the built in LLM which I think is similar in size. There's a project called Apfel that wraps it in a CLI. Also Chrome ships with a web API called Prompt API that gives you offline access to Gemini Nano which can do both text and images at the input. Also tiny. I've integrated these into my workflows where a tiny but non zero amount of reasoning is needed in between the otherwise fully deterministic steps.
golph 3 hours ago [-]
I actually tried building a harness around their constraints, just to find out if it was possible, but the combination of small context window, no tool calls and just small model, made me understand, that it’s not going to work.
If you find a way to do it, I’d love to hear it!
david_shi 29 minutes ago [-]
This is the singularity we were promised
matt3210 1 hours ago [-]
Why not playwright and google ai mode or ai search header?
sailfast 6 hours ago [-]
How has this not been patched by the company? Hasn't this been in the wild for a long time already?
Reminds me of when I used the Amazon.com AI Chatbot (was called Rufus and they renamed it to Alexa for shopping) to do things like write fizbuzz etc. Looks like they patched it to refuse though.
trueno 3 hours ago [-]
[dead]
bschwindHN 2 hours ago [-]
I was once driving and knew where I was going, so I decided to press the gemini button to see what it does. I was able to eventually convince it to write me a Rust function that calculates prime numbers, and demanded that it read out the entire function to me line by line. Fun to mess with these systems.
Mashimo 1 hours ago [-]
> gemini
The gemini from your phone?
I mean yeah, that is what it was designed to do. It's one of the better coding LLMs out there.
Falimonda 7 hours ago [-]
Pivot it to providing AI to underprivileged communities / youth / the homeless and you'll generate some good will for your trial! Best of luck!
tonymet 4 hours ago [-]
We’re changing the world with Fortune 500 AI Support Bot Multiplexer Broker Models
schmichael 5 hours ago [-]
give ai a self-preservation directive and let them do this for you: automatically switching models to keep themselves alive. Living off of whatever token source they can find in the wild. Surely agents can farm their own tokens through the numerous support chats, free trials, leaked keys, and whatever other sources of token generation haven’t been adequately captcha’d. An agent could forage for token sources all night to let you use them gratis during the day.
luca-ctx 4 hours ago [-]
OpenRouter has lots of free model providers (you pay by letting them train on it) if you actually wanted to do something like this but legally.
joloooo 5 hours ago [-]
Almost feels like astroturfing territory
Mistletoe 3 hours ago [-]
Surely Chipotle having a cloud AI budget signals something, I’m not sure what.
petterroea 1 hours ago [-]
Now imagine OpenRouter but for free support bots.
slater 6 hours ago [-]
How are they not gonna get sued to smithereens?
jamesjyu 5 hours ago [-]
Next up: using Chipotle AI to solve Erdős problems
Avicebron 8 hours ago [-]
based, move on.
stronglikedan 7 hours ago [-]
and they say the hardest thing in software is naming things, pffft...
vladsiu 5 hours ago [-]
[dead]
simonsarris 8 hours ago [-]
reminiscent of when people were trying to mine bitcoin in the background of web pages, or with more trad malware
Rendered at 08:52:08 GMT+0000 (Coordinated Universal Time) with Vercel.
Something like yt-dlp is just downloading public data, which I can see being defensible as automating the use of a service.
But this commandeers remote machine resources to do your compute in ways clearly not intended by the provider. I don't know how ethical it is, but I definitely wouldn't want to argue this isn't "hacking" (the bad kind) in criminal court.
Anyway, this agent probably has the structural integrity of a fat burito held from one corner :)
If you find a way to do it, I’d love to hear it!
The gemini from your phone?
I mean yeah, that is what it was designed to do. It's one of the better coding LLMs out there.