alt Hacker NewsTalk about code smell
If you arent manually auditing, you only notice the fuck ups when they’re instantaneous
If you don’t trust it to interact with prod, but still trust it to write code that will run on prod… you’re still trusting it with write access to prod.
The only thing I’m willing to let Claude write for me is a static site generator, because static files without JS aren’t going to do any damage, it either loads or it doesn’t.
Replies
raw_anon_1111 • today at 2:37 AM
If you are a team lead or above, do you manually audit every line of code that other developers on your team write even when you are the one that will ultimately be held responsible? Every library you use?
➕ show 1 reply
To be clear, I'm not saying you can't (or shouldn't) review the results, only that you can (and should) give the harness the ability to do everything it needs to function without hitting permission barriers that need to be manually approved.
The correct way to run these safely is to sandbox them so real lasting damage is impossible, not to micromanage individual access requests.