← Back to context

Comment by TSiege

4 days ago

"I love lax security features therefore you should too." Defaults should be safe and risky action should be done at the user's own discretion

This isn't really security-related. The "AskUserQuestion" hook in question here is not the one that gets used for authorizing actions. That's a completely separate mechanism that is unaffected by this 60-second timer thing.

What this is referring to are those follow-up "here's two plausible alternative ways to do this, which one do you prefer?" questions you sometimes get, and usually at the beginning of a planning session when presumably you're still actively involved in the session. They get exponentially less likely as the turn goes on.

Maybe it's a good default, maybe it's not, I'll wait to pass judgment. But it's not security-related except in contrived scenarios you could construct where one side of an A-or-B UserQuestion has security implications that aren't caught by any other safeguard. I haven't ever really experienced that in practice.

It's not security related. If you aren't running agents in a sandbox today, that's a "you" problem.

It's purely architecture/design related and the last thing anyone wants is coming back at the end of the day to find their agent didn't make progress because it was stuck on a response.

You can always redirect the agent or scrap its work, you can't undo the lost time.