This is interesting. I’m curious how the text becomes an execution boundary works in practice.
Is the .txt parsed into a constrained schema, or is it closer to free-form instructions that get interpreted at runtime?
Related to that, how are security boundaries enforced? For example, preventing arbitrary code execution, file access, or unintended side effects if the text is malformed or malicious.
Feels potentially very useful for prototyping, but I’m trying to understand where the hard limits are.
Is the .txt parsed into a constrained schema, or is it closer to free-form instructions that get interpreted at runtime?
Related to that, how are security boundaries enforced? For example, preventing arbitrary code execution, file access, or unintended side effects if the text is malformed or malicious.
Feels potentially very useful for prototyping, but I’m trying to understand where the hard limits are.