by nopurpose 60 days ago
I agree that sandboxing the whole agent is inadequate: I am fine sharing my GitHub creds with the gh CLI, but not with npm. More granular sandboxing and permissions are what I'd like to see, and this project seems interesting enough to have a closer look.

I am not interested in the "claw" workflow, but if I can use it for a safer "code" environment it is a win for me.

1 comments

When the agent uses your GH credentials to nuke all your projects or put out a lot of crap, this separation will not save you.
Whitelisting `gh` args should solve it. Even opencode's primitive permission system allows that.
The ability to whitelist specific args for commands has been the source of several (countless?) sudo CVEs over the years.
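The last two replies disagree about whether whitelisting `gh` arguments is a sufficient control. The added example below is not code from the thread, from opencode or from the gh project; it contrasts the two shapes such a rule can take: a deny-list that blocks a forbidden word, and a closed allow-list of exact (subcommand, action) pairs with a fixed set of accepted flags. The allowed pairs and flags are assumptions chosen for illustration, as is the `gh api` example, which stands in for any generic escape hatch a CLI offers.

```python
"""Allow-list versus deny-list policy checks for agent-run CLI commands.

Constructed example, not code from the thread, opencode or gh. The policy
table below is an assumption for illustration (read-only gh actions only).
"""
import shlex

# Assumed policy: exact (subcommand, action) pairs and the flags each may take.
ALLOWED = {
    ("pr", "list"): {"--limit", "--state", "--repo"},
    ("pr", "view"): {"--repo"},
    ("issue", "list"): {"--limit", "--state", "--repo"},
}


def deny_list_check(cmdline: str) -> bool:
    """Naive rule: permit any gh command unless a forbidden word appears.

    Returns True when the command would be allowed to run.
    """
    argv = shlex.split(cmdline)
    if not argv or argv[0] != "gh":
        return False
    return not any("delete" in tok for tok in argv)


def allow_list_check(cmdline: str) -> bool:
    """Strict rule: exact pair from ALLOWED, every flag from that pair's set.

    Anything unrecognised (unknown pair, unknown flag, the `--` end-of-options
    marker, or an unexpected positional) is rejected rather than passed through.
    """
    argv = shlex.split(cmdline)
    if len(argv) < 3 or argv[0] != "gh":
        return False
    key = (argv[1], argv[2])
    if key not in ALLOWED:
        return False  # covers `gh repo delete`, `gh api`, and everything unlisted
    flags = ALLOWED[key]
    rest = argv[3:]
    i = 0
    while i < len(rest):
        tok = rest[i]
        if tok == "--":
            return False  # changes how later tokens parse; not worth modelling
        if tok.startswith("-"):
            name, _, inline_val = tok.partition("=")
            if name not in flags:
                return False
            if not inline_val:
                # flag takes a separate value; it must exist and not be an option
                i += 1
                if i >= len(rest) or rest[i].startswith("-"):
                    return False
        else:
            # the only positional we accept is a numeric PR id for `pr view`
            if key != ("pr", "view") or not tok.isdigit():
                return False
        i += 1
    return True


if __name__ == "__main__":
    # Constructed sample commands an agent might emit.
    for cmd in [
        "gh pr list --limit 5",
        "gh pr view 123 --repo owner/repo",
        "gh repo delete owner/repo",
        "gh api -X DELETE /repos/owner/repo",
        "gh pr list --unknown 1",
    ]:
        print(f"{cmd!r:45} deny-list={deny_list_check(cmd)!s:5} "
              f"allow-list={allow_list_check(cmd)}")
```

The point the contrast makes is the one the sudo history makes: a deny-list has to anticipate every destructive path (the `gh api` line passes it because no token contains "delete"), whereas the allow-list only has to be right about the handful of invocations it intends to permit and fails closed for everything else. Credential separation, as the earlier reply notes, is orthogonal: even the strict form still runs with whatever token gh has.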