logoalt Hacker News

gitgudtoday at 3:10 AM5 repliesview on HN

This is one of the reasons why native proprietary coding agent runners like claude-code, codex, grok-build etc are so dangerous for privacy… you just don’t know what “secret sauce” they’ll add in the next update…

It’s much safer to use something like opencode and use models via their API… however, the tradeoff is that it will never perform as well as it does in their native agent runners…


Replies

grueztoday at 3:18 AM

Give enough usage, you can reconstruct an entire codebase via tool calls alone, and it'll be entirely undetectable because it's all done server side. Whatever grok's doing is just more blatant, but using opencode or whatever doesn't create a meaningful security boundary. It's like the meme of using cheetos as a lock.

rohansood15today at 3:18 AM

I agree with you, but Codex is open source.

show 2 replies
hansvmtoday at 4:44 AM

> the next update

That's a major problem in its own right. Yes, not updating an XP SP1 RCE immediately is dangerous, but in the last couple decades I've seen far more damage inflicted from automatic updates than what I think the lack of them would have caused.

_davide_today at 5:00 AM

I'm using my own agent, but i can't risk blocking the company account with it.....

jimmydoetoday at 3:19 AM

last time I checked, codex is still open source w Apache-2.0 license