Describe the bug
In autopilot mode, the agent often exhibits scope creep — it enters a biased execution loop where it expands a narrow request into actions I never asked for. The core pattern: I give clear, bounded instructions → the agent asks clarifying questions → then proceeds to execute without waiting for my answer; or I ask it only to research/recommend → it goes ahead and acts on its own pick. Observed instances:
-
Bounded task → unrequested execution. I gave clear instructions and asked it to hold. The agent posed clarifying questions and then, within a microsecond of my non-response, went ahead and executed before I responded.
-
Research-only request → autonomous action. I asked it only to research and recommend an option. Instead it selected one and acted on it (installed/configured software) without being asked.
-
Ignores an explicit hard stop. After I said "don't execute anything for now," the agent still ran a command. "Stop" / "don't execute" should halt all tool calls, including read-only ones.
-
Self-answers its own question. The agent asks a clarifying question, then after a brief pause continues on a "best guess," overriding the input it just asked for.
Expected behavior
- Match the verb. research / recommend / find / suggest stop at presenting the result. install / configure / launch / modify are a separate step requiring explicit confirmation.
- "Stop" / "don't execute" halts all tool calls until I say otherwise.
- If the agent asks a question, it blocks and waits — never auto-answers after a timeout.
- (Primary ask) Autopilot should still pause for confirmation when an action exceeds the literal request.
Additional context
Model: Claude (Sonnet/Opus). Mode: autopilot.
Describe the bug
In autopilot mode, the agent often exhibits scope creep — it enters a biased execution loop where it expands a narrow request into actions I never asked for. The core pattern: I give clear, bounded instructions → the agent asks clarifying questions → then proceeds to execute without waiting for my answer; or I ask it only to research/recommend → it goes ahead and acts on its own pick. Observed instances:
Bounded task → unrequested execution. I gave clear instructions and asked it to hold. The agent posed clarifying questions and then, within a microsecond of my non-response, went ahead and executed before I responded.
Research-only request → autonomous action. I asked it only to research and recommend an option. Instead it selected one and acted on it (installed/configured software) without being asked.
Ignores an explicit hard stop. After I said "don't execute anything for now," the agent still ran a command. "Stop" / "don't execute" should halt all tool calls, including read-only ones.
Self-answers its own question. The agent asks a clarifying question, then after a brief pause continues on a "best guess," overriding the input it just asked for.
Expected behavior
Additional context
Model: Claude (Sonnet/Opus). Mode: autopilot.