| ▲ | gitgud 2 hours ago | ||||||||||||||||
This is one of the reasons why native proprietary coding agent runners like claude-code, codex, grok-build etc are so dangerous for privacy… you just don’t know what “secret sauce” they’ll add in the next update… It’s much safer to use something like opencode and use models via their API… however, the tradeoff is that it will never perform as well as it does in their native agent runners… | |||||||||||||||||
| ▲ | gruez 2 hours ago | parent | next [-] | ||||||||||||||||
Give enough usage, you can reconstruct an entire codebase via tool calls alone, and it'll be entirely undetectable because it's all done server side. Whatever grok's doing is just more blatant, but using opencode or whatever doesn't create a meaningful security boundary. It's like the meme of using cheetos as a lock. | |||||||||||||||||
| ▲ | hansvm 42 minutes ago | parent | prev | next [-] | ||||||||||||||||
> the next update That's a major problem in its own right. Yes, not updating an XP SP1 RCE immediately is dangerous, but in the last couple decades I've seen far more damage inflicted from automatic updates than what I think the lack of them would have caused. | |||||||||||||||||
| ▲ | _davide_ 26 minutes ago | parent | prev | next [-] | ||||||||||||||||
I'm using my own agent, but i can't risk blocking the company account with it..... | |||||||||||||||||
| ▲ | rohansood15 2 hours ago | parent | prev | next [-] | ||||||||||||||||
I agree with you, but Codex is open source. | |||||||||||||||||
| |||||||||||||||||
| ▲ | jimmydoe 2 hours ago | parent | prev [-] | ||||||||||||||||
last time I checked, codex is still open source w Apache-2.0 license | |||||||||||||||||