
AlexCoventry | 4 days ago

I'm not blaming you, but it's scary how many people are running these agents as if they were trusted entities.


notepad0x90|4 days ago

They're tools, you don't ascribe trust to them. You trust or distrust the user of the tool. It's like saying you trust your terminal emulator. And from my experience, they will ask for permission over a directory before running. I would love to know how people are having this happen to them. If you tell it it can make changes to a directory, you've given it every right to destroy anything in that directory. I haven't heard of people claiming it exceeded those boundaries and started messing with things it wasn't permitted to mess with to begin with.

fragmede|4 days ago

That would be --dangerously-skip-permissions for Claude, and --dangerously-skip-permissions for codex.

Aka yolo mode. And yes, people (me) are stupid enough to actually use that.

AnimalMuppet|4 days ago

OK, but we learned decades ago about putting safety guards on dangerous machinery, as part of the machinery. Sure, you can run LLMs in a sandbox, but that's a separate step, rather than part of the machinery.

What we need is for the LLM to do the sandboxing... if we could trust it to always do it.
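A directory boundary of the kind notepad0x90 describes, enforced inside the file tool itself rather than as a separate sandboxing step. This is an added example, not code from the thread; the tool functions, the scratch directory tree and the requested paths are constructed for the demonstration.

```python
"""Added example (not from the thread): a directory-scoped guard for an
agent's file tool. The agent is granted one directory; every requested
path is resolved and checked against it before any filesystem call, so
`..` traversal and symlinks that point outside the directory are refused."""
import os
import tempfile
from pathlib import Path


class PermissionDenied(Exception):
    pass


def confine(root: Path, requested: str) -> Path:
    """Resolve `requested` under `root`; raise if the real path escapes root.
    resolve() follows symlinks, so a link inside root that targets the
    outside is rejected, not just a textual `..`."""
    root = root.resolve()
    target = (root / requested).resolve()
    try:
        target.relative_to(root)
    except ValueError:
        raise PermissionDenied(f"{requested!r} resolves outside {root}") from None
    return target


def write_file(root: Path, requested: str, data: str) -> int:
    """The agent-facing tool: writes only inside the granted directory."""
    target = confine(root, requested)
    target.parent.mkdir(parents=True, exist_ok=True)
    return target.write_text(data)


def demo() -> dict:
    """Run the guard over a constructed scratch tree; return per-request outcome."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        tmp = Path(tmp)
        granted, outside = tmp / "project", tmp / "secrets"
        granted.mkdir()
        outside.mkdir()
        (outside / "key").write_text("constructed secret")
        os.symlink(outside, granted / "link")  # a link pointing out of root
        for req in ["notes.txt", "sub/a.txt", "../secrets/key", "link/key"]:
            try:
                write_file(granted, req, "hello")
                results[req] = "allowed"
            except PermissionDenied:
                results[req] = "denied"
    return results
```

Both the `..` request and the request through the symlink are refused because the check runs on the resolved path, not on the string the agent supplied.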