robinhood 5 days ago

Well, isn't it like Yolo mode from Claude Code that we've been using, without worry, locally for months now? I truly think that Yolo mode is absolutely fantastic, while dangerous, and I can't wait to see what the future holds there.

cj 5 days ago | parent | next

I don't use Claude and googled yolo mode out of curiosity. For others in the same boat:

https://www.anthropic.com/engineering/claude-code-best-pract...

bicx 5 days ago | parent | prev | next

I run it from within a dev container. I never had issues with yolo mode before, but if it somehow decided to use the gcloud command (for instance) and affected the production stack, it’s my ass on the line.

ses1984 5 days ago | parent

If you give it auth information to talk to Google APIs, that's not really sandboxed.

adastra22 5 days ago | parent | prev | next

Run it within a devcontainer and there is almost no attack profile and therefore no risk. With a little more work it could be fully sandboxed.

roywiggins 5 days ago | parent

You still have to be pretty careful it doesn't have access to any API keys it could decide to exfiltrate...

adastra22 5 days ago | parent

How would it have access to API keys? You don’t put those in your git repo, do you?

jazzyjackson 5 days ago | parent

If the code can call a method that provides the API key, what would stop the LLM from calling the same code? How do you propose to let an LLM run tests that execute code that requires API without the LLM also being able to grab the key?

adastra22 5 days ago | parent

I don’t give it access to calls requiring API keys in the first place.

This is just good dev environment stuff. Have locally hosted substitutes for everything. Run it all in docker.
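Added example, not part of the thread: a pre-flight check that makes the "no API keys reachable from the container" rule above something you can verify rather than assume. Before launching an auto-approving agent inside the dev container, it scans the agent's home directory for the credential files common cloud CLIs leave behind (aws, gcloud, azure, docker, npm) and the process environment for secret-bearing variable names, and refuses to proceed if any are present. The file paths and variable-name patterns are assumptions about common tooling defaults, and the demo input at the bottom is constructed; extend the lists for your own setup.

```shell
#!/usr/bin/env sh
# Pre-flight credential audit for an auto-approving ("yolo") coding agent running
# inside a dev container. Added example; the paths and patterns are assumptions
# about common tool defaults, not an exhaustive list.

# Files that typically hold long-lived credentials, relative to the agent's HOME.
CRED_FILES="
.aws/credentials
.aws/config
.config/gcloud/application_default_credentials.json
.config/gcloud/credentials.db
.azure/accessTokens.json
.docker/config.json
.netrc
.npmrc
"

# Environment variable names that usually carry secrets: a few well-known ones,
# plus anything ending in _SECRET, _TOKEN, _API_KEY or _PASSWORD.
SECRET_VAR_RE='^(AWS_SECRET_ACCESS_KEY|AWS_SESSION_TOKEN|AWS_ACCESS_KEY_ID|GOOGLE_APPLICATION_CREDENTIALS|OPENAI_API_KEY|ANTHROPIC_API_KEY|GITHUB_TOKEN|NPM_TOKEN|[A-Z0-9_]*(_SECRET|_TOKEN|_API_KEY|_PASSWORD))='

# find_cred_files HOME_DIR: prints each known credential file that exists under HOME_DIR.
find_cred_files() {
    home="$1"
    for rel in $CRED_FILES; do
        [ -e "$home/$rel" ] && printf '%s\n' "$home/$rel"
    done
    return 0
}

# find_secret_vars: reads an `env`-style NAME=VALUE listing on stdin and prints the
# NAMES that look like secrets. Values are never echoed, so the report itself is safe to log.
find_secret_vars() {
    grep -E "$SECRET_VAR_RE" | cut -d= -f1
    return 0
}

# audit_agent_env HOME_DIR ENV_LISTING: returns 0 when nothing credential-like is
# reachable, 1 otherwise, printing what it found.
audit_agent_env() {
    home="$1"
    listing="$2"
    status=0
    files=$(find_cred_files "$home")
    if [ -n "$files" ]; then
        printf 'credential files visible to the agent:\n%s\n' "$files"
        status=1
    fi
    vars=$(printf '%s\n' "$listing" | find_secret_vars)
    if [ -n "$vars" ]; then
        printf 'secret-looking environment variables:\n%s\n' "$vars"
        status=1
    fi
    return $status
}

# Constructed demo input (not a real environment): a throwaway HOME with a fake
# AWS credentials file, and an env listing with one token-like variable.
demo_home=$(mktemp -d)
mkdir -p "$demo_home/.aws"
printf '[default]\naws_access_key_id = EXAMPLE\n' > "$demo_home/.aws/credentials"
demo_env='PATH=/usr/bin
HOME=/home/dev
MY_SERVICE_API_KEY=not-a-real-key'
if audit_agent_env "$demo_home" "$demo_env"; then
    echo "clean: safe to start the agent"
else
    echo "refusing to start the agent until the findings above are removed"
fi
rm -rf "$demo_home"
```

Inside the container, the real call is `audit_agent_env "$HOME" "$(env)"` as the last step before the agent starts; a non-zero exit should abort the launch. It checks what the agent's process can see, which is the point ses1984 and jazzyjackson raise: a container is only a sandbox if the credentials that would let it reach gcloud, AWS or a paid API are not mounted or exported into it in the first place. Bind-mounted sockets such as the Docker socket and cloud instance-metadata endpoints are outside the scope of this check and need their own rules.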

jazzyjackson 5 days ago | parent | prev

I shudder to think of what my friend's AWS bill looks like, letting Claude run aws-cli commands he doesn't understand