Learning Timeline
Key Insights
The Dangers of VPS Hosting
Using a Virtual Private Server (VPS) without deep technical knowledge often leads to ports being left open accidentally, making it easier for hackers to attack your system.
Risks of Using Cheap AI Models
Avoid using cheap or weak AI models when granting access to emails or sensitive credentials (such as Apple ID or GitHub). Weaker models are more easily manipulated via prompt injection to install malware or delete data.
Anti-Spam/Injection Strategy
Do not let every email flow directly into the bot via Webhooks. Ensure there is a pre-processing stage before the AI reads the email content to prevent the bot from executing malicious commands from unknown senders.
Prompts
Sub-Agent Task Delegation
Target:
Claude Opus
Anytime you need to call code, do not do it yourself. Spawn a sub-agent that's using Codex because Codex is better for coding.
Step by Step
Configuring Secure AI Email Integration
- Choose 'Local Machine' as your host instead of a Virtual Private Server (VPS) to avoid the risk of exposing ports to external attacks.
- Install Docker on your machine to run the AI Agent in an isolated (containerized) environment.
- Start the configuration without granting email access initially to test the system's stability.
- Set Claude Opus as the primary model (LLM) to handle processing logic that requires high security.
- Disable any 'Webhook' that sends raw emails directly to the bot without prior filtering or pre-processing.
- Create specialized 'sub-agent' functions for technical tasks (such as coding) to isolate them from the main agent.
