While using the chat agent (auto) for help, I noticed it was killing and restarting my server automatically in its own terminal, which is not on my Allowlist. When I opened the agent's terminal to kill the server there, it showed a message saying the agent terminal is read-only. I was confused because I've always been able to use the agent terminal like any other terminal. I prompted the agent to see why it was running that command even though it's not on the Allowlist and why I can't interact with the terminal, and it answered that it was using the run_terminal_cmd tool and that it is allowed to execute any command with that tool with no restrictions from an allowlist.
I'm not sure if this is from a new update or if I'm misunderstanding how the tool works, but it's a bit scary that the agent may possibly run whatever it wants, ignoring my Allowlist. I couldn't find anything in the settings for that tool.
If anyone has any suggestions or knows of something I probably did wrong that caused this, lol, I'm all ears. Thanks.