| ▲ | 1123581321 3 days ago | |||||||
A classifier is probably nice for those who currently allow --dangerously-skip-permissions, but it's not for those who have been trying to only allow the right commands to always run. It only lowers the odds of something bad happening. Maintaining a massive allowlist that parses nested bash commands is safer. (I do this. It fits in a 2MB binary that runs on a hook, and it includes what I've put in Claude's allowlist after parsing and tokenizing nested bash.) | ||||||||
| ▲ | splitbrain 3 days ago | parent [-] | |||||||
Is that available somewhere? Maybe as a blog post on how you set this up? | ||||||||
| ||||||||