|
|
|
|
|
|
by 1123581321
85 days ago
|
|
|
A classifier is probably nice for those who currently allow --dangerously-skip-permissions, but it's not for those who have been trying to only allow the right commands to always run. It only lowers the odds of something bad happening. Maintaining a massive allowlist that parses nested bash commands is safer. (I do this. It fits in a 2MB binary that runs on a hook, and it includes what I've put in Claude's allowlist after parsing and tokenizing nested bash.) |
|
|