VirusTotal is completely useless for this though? You need enough people to be pwned by that particular piece of malware for it to be flagged as dangerous, by which point the attackers would've already repacked it so it doesn't match the previous signature.
VirusTotal is flagging the trello skill as suspucious because it Does NOT include an API key? Am i expected to share my keys if I want to upload a skill?
"Requiring TRELLO_API_KEY and TRELLO_TOKEN is appropriate for Trello access, but the registry records no required env vars while SKILL.md documents them. This omission is problematic: the skill will need highly privileged credentials but the published metadata does not disclose that requirement. The SKILL.md also references 'jq' and uses curl, but these are not declared in the registry entry."
You’ve completely missed the point, it’s saying that the skill will need you to provide a Trello API key but he hasn’t declared that it will need that
Subsequently they’ve included the use of curl but also haven’t declared that either which means that it _could_ leak your key if you provide it one. That’s why it’s suspicious - virus total has flagged that you should probably review the skill.md
It's all BS. There is no viable way to put industrial levels of compute into a space based platform that can work within the severe thermal, power, mass/volume, radiation, reliability, and economic demands. It is just stupid smoke blowing to separate idiot investors from their money. J-school grads don't have a clue what they're parroting about.
"The constraint system offered by Guidance is extremely powerful. It can ensure that the output conforms to any context free grammar (so long as the backend LLM has full support for Guidance). More on this below." --from https://github.com/guidance-ai/guidance/
I didn't find any more on that comment below. Is there a list of supported LLMs?
We have support for Huggingface Transformers, llama.cpp, vLLM, SGLang, and TensorRT-LLM, along with some smaller providers (e.g. mistral.rs). Using any of these libraries as an inference host means you can use an OSS model with the guidance backend for full support. Most open source models will run on at least one of these backends (with vLLM probably being the most popular hosted solution, and transformers/llama.cpp being the most popular local model solutions)
We're also the backend used by OpenAI/Azure OpenAI for structured outputs on the closed source model side.
*Please note, I'm not in favor of censorship, it's just that this analogy is inaccurate
Olive Garden isn't given access to something it requires to operate at the pleasure of the government. Broadcast TV on the other hand...
All of broadcast TV is allowed because the government says it is. ABC/CBS/NBC/FOX don't own the radio spectrum they are operating on, the government does and they grant the right to use it to those companies. There's a long list of things that the government requires them to do in order to keep this pleasure. One of them used to be the Saturday morning cartoons. I miss those.
I've used Waymo countless times in SF. It's typically 15% cheaper than an Uber/Lyft and trip time/wait are generally the same. I much prefer the Waymo.
This is the model that was code named "Sonic" in Cursor last week. It received tons of praise. Then Cursor revealed it was a model from xAI. Then everyone hated it. :/ I miss the days where we just liked technology for advancement's sake.
*edit Case in point, downvotes in less than 30 seconds
I'm pretty sure everyone knew it was xAI last week. It's a great model. I'll never pay to use it, but I like it enough while it's free.
> I miss the days where we just liked technology for advancement's sake.
I think you haven't fully thought through such statements. They lead to bad places. If Bin Laden were selling research and inference to raise money for attacks, how many tokens would you buy?
People on here keep saying they would never use a Chinese model because that's allegedly America's "largest geopolitical adversary" but happily use a model from someone actively actually destroying America from within...
reply