zmmmmm, yesterday at 9:27 PM

This is pretty egregious. And outside the fact the server is now disabled by default, once it's running it is still egregious:

> When server is enabled, any web page served from localhost/127.0.0.1 can execute code

> When server is enabled, any local process can execute code without authentication

> No indication when server is running (users may be unaware of exposure)

I'm sorry, this is horrible. I really want there to be a good actual open cross-provider agentic coding tool, but this seems to me to be abusive of people's trust of TUI apps - part of the reason we trust them is they typically DON'T do stuff like this.


Replies

glerk, yesterday at 10:41 PM

Factory’s droid is pretty good for a cross-provider solution.