JeremyNT 2 hours ago

Yep, it's easier to ask forgiveness than permission. It's far easier to undo the 1% of the time they fuck up in a serious way than it is to manually audit and allow all the routine stuff.

The key is to only give them access to things you're willing to lose.

This is also why giving them any kind of direct write access to production is a bad idea.

jazzyjackson 2 hours ago | parent [-]

Talk about code smell

If you aren’t manually auditing, you only notice the fuck ups when they’re instantaneous.

If you don’t trust it to interact with prod, but still trust it to write code that will run on prod… you’re still trusting it with write access to prod.

The only thing I’m willing to let Claude write for me is a static site generator, because static files without JS aren’t going to do any damage; it either loads or it doesn’t.

JeremyNT 31 minutes ago | parent | next [-]

To be clear, I'm not saying you can't (or shouldn't) review the results, only that you can (and should) give the harness the ability to do everything it needs to function without hitting permission barriers that need to be manually approved.

The correct way to run these safely is to sandbox them so real lasting damage is impossible, not to micromanage individual access requests.

raw_anon_1111 2 hours ago | parent | prev [-]

If you are a team lead or above, do you manually audit every line of code that other developers on your team write even when you are the one that will ultimately be held responsible? Every library you use?

joquarky an hour ago | parent [-]

This was fairly routine when the pace of everything was slower, we didn't have a giant tree of dependencies, and companies cared more about product quality.

raw_anon_1111 an hour ago | parent [-]

There was never a time that someone wasn’t responsible for more than they could review.