Feature Description
Having a sandbox, or grading model for commands to automatically grade the safety of running it (or a combination of both) would be great.
A sandbox can see/limit what a command actually does and ask permission for things that need privileged access (commands interacting with the internet, touching files outside the working folder, ...).
An automated grading might make it easier for users to assess the danger of a command (this is done in GitHub Copilot, IIRC).
Use Case
Basically, I want a bit more ease of mind, less manual accepting every single tool call, less fatigue. At the same time, I don't want to use Shift + Tab to just blindly accept everything, as that might be potentially destructive or do unwanted modifications.
Additional Context
Having such a feature is a real game changer. I noticed this when switching to Codex from GitHub Copilot (in VS Code). In GitHub Copilot, the default mode is to ask for permission for almost every command ran. Codex is more intelligent with figuring out what to do, in general.
Also see a related issue for OpenCode: anomalyco/opencode#2242.
BTW: I am on Windows, so having it work there as well would be a huge plus ;)
How important is this to you?
Blocking adoption or production use
Feature Description
Having a sandbox, or grading model for commands to automatically grade the safety of running it (or a combination of both) would be great.
A sandbox can see/limit what a command actually does and ask permission for things that need privileged access (commands interacting with the internet, touching files outside the working folder, ...).
An automated grading might make it easier for users to assess the danger of a command (this is done in GitHub Copilot, IIRC).
Use Case
Basically, I want a bit more ease of mind, less manual accepting every single tool call, less fatigue. At the same time, I don't want to use
Shift + Tabto just blindly accept everything, as that might be potentially destructive or do unwanted modifications.Additional Context
Having such a feature is a real game changer. I noticed this when switching to Codex from GitHub Copilot (in VS Code). In GitHub Copilot, the default mode is to ask for permission for almost every command ran. Codex is more intelligent with figuring out what to do, in general.
Also see a related issue for OpenCode: anomalyco/opencode#2242.
BTW: I am on Windows, so having it work there as well would be a huge plus ;)
How important is this to you?
Blocking adoption or production use