Though this particular story for weight exfiltration also seems pretty easy to prevent with standard computer security: there’s no reason for the inference servers to have the permission to create outgoing network connections.
But it might be convenient to have that setting configured through some file stored in GitHub, which the execution server has access to.