I run totally unprotected with gpt5.4/5. I've been through thousands of dollars worth of API tokens through both copilot and custom harnesses that have local admin and arbitrary powershell access. I've never seen anything that could even remotely be construed as malicious.

I see a lot of people making a really big deal about safety and sandboxing while I'm busy getting shit done. If you can't handle your current source code checkout getting screwed up by a bad prompt, that's on you 1000%. Source control is the answer for anything information over time.

Unless you intentionally try to make a scene, these models aren't going to go fuck with your system shell or do anything you couldn't recover from in a few minutes. Connecting chatgpt to the enterprise sql server as sysadmin is not what I'm advocating for. This is another example of "on you, not the AI". There's a tiny amount of nuance you can apply at the edges that makes it easy to allow broad access with negligible risk.