| ▲ | MattDamonSpace 2 hours ago | |||||||||||||||||||||||||
Not sure I agree? It’s not like gitignore should be independent from git | ||||||||||||||||||||||||||
| ▲ | TheDong 2 hours ago | parent | next [-] | |||||||||||||||||||||||||
The difference is that git is a traditional programming tool which executes deterministically. agents are not deterministic tools, they're not sandboxes or container runtimes or languages with capabilities models. They're a way to run arbitrary commands. It would be like saying that "xterm" should have a ".xtermnoexec" list of commands you can't run, or that VLC should have an option for actors it won't show. terminals run shells which run commands, it's not really deeply aware of what commands your shell ultimately run, and it's not in xterm's job to setup a sandbox and strip out executables. VLC displays pixels, it's not up to it to figure out if those pixels are a certain actor. codex pipes text and tool calls back and forth between OpenAI's servers, and it barely understands what that text and those tool calls are, and especially if a given tool touched a file. If you want VLC to not display an actor, you need to add a layer on top of VLC to stop it displaying a list of movies. If you want codex to not display a file's contents, you need a layer on top of codex to prevent it going near that file. | ||||||||||||||||||||||||||
| ||||||||||||||||||||||||||
| ▲ | jxf 2 hours ago | parent | prev [-] | |||||||||||||||||||||||||
.gitignore doesn't have the same security implications. If you fail to prevent a private key from being added to your repository, you can reverse this and purge it from the blobs and reflog as if it never happened. If you fail to prevent OpenAI from ingesting a private key, you have created a security incident. | ||||||||||||||||||||||||||