Comment by footydude
3 hours ago
> But it should only be able to "hit a button" to send a 2FA email to the address attached to the account, all run with hand-written code.
Genuine question... why would that need to be hand-written?
It makes absolute sense as a general statement and is kinda crazy that this wasn't a built-in limitation, but I'm not quite sure why the code for that bit must be hand-written (provided the code functionally does what you describe).
I think he likely means "code that is hand-reviewed" and not directly controlled by the agent. He's probably meaning to differentiate it against the in-process agent writing the code. It doesn't matter too much if that fixed code was written by an LLM under guidance and review of the SWE, outside the agent.
Ahh ok - that's fair enough - hand-reviewed/not controlled by the agent seems a sensible approach (wasn't sure if it was instructive of a complete distrust of AI generated code).
Agreed, “literally written by hand” didn’t cross my mind. Not by keyboard or pen.
Maybe not hand-written, but definitely static, and at least human-reviewed/tested to only allow sending to previously-validated email addresses.
Right, as in, does not accept an email as a parameter. If it's anything like my company, they are turning out "agents" super fast and just hooking them up to internal APIs, usually via a light MCP wrapper. Since MCP doesn't have any security or auth built in, and internal APIs usually are light on security, you have issues like this.
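
The design the thread converges on, as an added example that is not part of any comment above or of any real product's code: a static tool that takes only an account id and sends the 2FA email to the previously validated address on file, shown beside the anti-pattern that accepts the destination as a parameter. All names here (`ACCOUNTS`, `OUTBOX`, `dispatch`, `send_2fa_email`, `ToolCallRejected`) and the sample accounts are assumptions constructed for illustration.

```python
import secrets

# Constructed account store: the only source of destination addresses.
ACCOUNTS = {
    "acct-1001": {"email": "owner@example.com", "email_verified": True},
    "acct-1002": {"email": "new@example.com", "email_verified": False},
}
OUTBOX = []  # hypothetical stand-in for the real mail gateway


class ToolCallRejected(Exception):
    pass


def send_2fa_email_weak(account_id, to):
    """Anti-pattern: the caller (the agent) chooses the destination."""
    code = f"{secrets.randbelow(10**6):06d}"
    OUTBOX.append({"to": to, "account": account_id, "code": code})
    return to


def send_2fa_email(account_id):
    """Fixed tool: the destination comes only from the account record."""
    account = ACCOUNTS.get(account_id)
    if account is None:
        raise ToolCallRejected("unknown account")
    if not account["email_verified"]:
        raise ToolCallRejected("no previously validated address on file")
    code = f"{secrets.randbelow(10**6):06d}"
    OUTBOX.append({"to": account["email"], "account": account_id, "code": code})
    return account["email"]


ALLOWED_ARGS = {"send_2fa_email": {"account_id"}}
TOOLS = {"send_2fa_email": send_2fa_email}  # the weak variant is never exposed


def dispatch(tool_name, args):
    """Static wrapper between agent and tool: exact argument set or reject."""
    if tool_name not in TOOLS:
        raise ToolCallRejected(f"tool not exposed: {tool_name}")
    if set(args) != ALLOWED_ARGS[tool_name]:
        raise ToolCallRejected(f"unexpected arguments: {sorted(args)}")
    if not isinstance(args["account_id"], str):
        raise ToolCallRejected("account_id must be a string")
    return TOOLS[tool_name](**args)
```

The wrapper rejects any call whose argument names differ from the fixed set, so an agent-supplied `email` or `to` field fails before the tool runs instead of being silently ignored.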