Comment by quotemstr
8 hours ago
One decent approach (which Codex implements, and some others) is to run these commands in a real-only sandbox without approval and let the model ask your approval when it wants to run outside the sandbox. An even better approach is just doing abstract interpretation over shell command proposals.
You want something like codex -a read-only -s on-failure (from memory: look up the exact flags)
No comments yet
Contribute on Hacker News ↗