alt Hacker NewsDeterminism is one thing, but the more pressing thing is permission boundaries. All these AI agent tools need to come with no permissions at all out of the box, and everything should be granularly granted. But that would break all the cool demos and marketing pitches.
Allowing agent to run wild with any arbitrary shell commands is just plain stupid. This should never happen to begin with.
Replies
TZubiri • last Thursday at 7:22 PM
That's what they are actually doing.
I think quite opposite, agents need to come with all permissions possible, highlighting that it's actually the OS responsibility to constrain it.
It's kind of dumb to except a process to constrain itself.
➕ show 1 reply
> All these AI agent tools need to come with no permissions at all out of the box, and everything should be granularly granted.
That's what the tools already do. if you were watching some cool demo that didnt have all the prompts they may have been running the tools in "yolo mode" which is not usually a normal thing.