Shall I implement it? No

I love it when gitignore prevents the LLM from reading an file. And it the promptly asks for permission to cat the file :)

Edit was rejected: cat - << EOF.. > file

This is a great example of why simple solutions often beat complex ones. Sometimes the best code is the code you dont write.

I'm not surprised. I've seen Opus frequently come up with such weird reverse logic in its thinking.

this just speaks to the importance of detailed prompting. When would you ever just say "no"? You need to say what to do instead. A human intern might also misinterpret a txt that just reads 'no'.

the united states government wants to give claude a gun

Artificial ADHD basically. Combination of impulsive and inattentive.

I've had this or similar happen a few times

It's all fun and games until this is used in war...

I wonder if there's an AGENTS.md in that project saying "always second-guess my responses", or something of that sort.

The world has become so complex, I find myself struggling with trust more than ever.

Strange. This is exactly how I made malus.sh

I see on a daily basis that I prevent Claude Code from running a particular command using PreToolUse hooks, and it proceeds to work around it by writing a bash script with the forbidden command and chmod+x and running it. /facepalm

I can't be the only one that feels schadenfreude when I see this type of thing. Maybe it's because I actually know how to program. Anyway, keep paying for your subscription, vibe coder.

Shall I remove that tumor?

No

Does anyone just sometimes think this is fake for clicks?

It looks very joke oriented.

It's the harness giving the LLM contradictory instructions.

What you don't see is Claude Code sending to the LLM "Your are done with plan mode, get started with build now" vs the user's "no".

To LLMs, they don't know what is "No" or what "Yes" is.

Now imagine if this horrific proposal called "Install.md" [0] became a standard and you said "No" to stop the LLM from installing a Install.md file.

And it does it anyway and you just got your machine pwned.

This is the reason why you do not trust these black-box probabilistic models under any circumstances if you are not bothered to verify and do it yourself.

[0] https://www.mintlify.com/blog/install-md-standard-for-llm-ex...

Should have followed the example of Super Mario Galaxy 2, and provided two buttons labelled "Yeah" and "Sure".

Wait till you use Google antigravity. It will go and implement everything even if you ask some simple questions about codebase.

Claude Code's primarily optimized for burning as many tokens as possible.

I kinda agree with the clanker on this one. You send it a request with all the context just to ask it to do nothing? It doesn't make any sense, if you want it to do nothing just don't trigger it, that's all.

You have to stop thinking about it as a computer and think about it as a human.

If, in the context of cooperating together, you say "should I go ahead?" and they just say "no" with nothing else, most people would not interpret that as "don't go ahead". They would interpret that as an unusual break in the rhythm of work.

If you wanted them to not do it, you would say something more like "no no, wait, don't do it yet, I want to do this other thing first".

A plain "no" is not one of the expected answers, so when you encounter it, you're more likely to try to read between the lines rather than take it at face value. It might read more like sarcasm.

Now, if you encountered an LLM that did not understand sarcasm, would you see that as a bug or a feature?

I want to clarify a little bit about what's going on.

Codex (the app, not the model) has a built in toggle mode "Build"/"Plan", of course this is just read-only and read-write mode, which occurs programatically out of band, not as some tokenized instruction in the LLM inference step.

So what happened here was that the setting was in Build, which had write-permissions. So it conflated having write permissions with needing to use them.

Hoo-ah

Who knew LLMs won’t take no for an answer

Claudius Interruptus

“If I asked you whether I should proceed to implement this, would the answer be the same as this question”

i don't really see the problem

it's trained to do certain things, like code well

it's not trained to follow unexpected turns, and why should it be? i'd rather it be a better coder

"You have 20 seconds to comply"

The number of comments saying "To be fair [to the agent]" to excuse blatantly dumb shit that should never happen is just...

This is exactly why approval should live in the harness, not in natural language.

If the UI asks a yes/no question, the “no” should be enforced as a state transition that blocks write actions, not passed back into the model as more text to interpret.

Once “permission” is represented as tokens instead of control flow, failures like this are almost inevitable.

The model failure is funny, but the bigger bug is that the system treated consent as prompt material instead of as a hard gate

[dead]

[flagged]

[dead]

[dead]

[dead]

When a developer doesn't want to work on something, it's often because it's awful spaghetti code. Maybe these agents are suffering and need some kind words of encouragement

/s

"- but looking at the context,".

Paste the whole prompt, clown.

Anthropist Rapist 4.6

[flagged]

Why is this interesting?

Is it a shade of gray from HN's new rule yesterday?

https://news.ycombinator.com/item?id=47340079

Personally, the other Ai fail on the front of HN and the US Military killing Iranian school girls are more interesting than someone's poorly harnessed agent not following instructions. These have elements we need to start dealing with yesterday as a society.

https://news.ycombinator.com/item?id=47356968

https://www.nytimes.com/video/world/middleeast/1000000107698...

Yeah this looks like OpenCode. I've never gotten good results with it. Wild that it has 120k stars on GitHub.

Often times I'll say something like:

"Can we make the change to change the button color from red to blue?"

Literally, this is a yes or no question. But the AI will interpret this as me _wanting_ to complete that task and will go ahead and do it for me. And they'll be correct--I _do_ want the task completed! But that's not what I communicated when I literally wrote down my thoughts into a written sentence.

I wonder what the second order effects are of AIs not taking us literally is. Maybe this link??

What else is an LLM supposed to do with this prompt? If you don’t want something done, why are you calling it? It’d be like calling an intern and saying you don’t want anything. Then why’d you call? The harness should allow you to deny changes, but the LLM has clearly been tuned for taking action for a request.