We need to make sure users do not stop reading the commands the LLM suggests before hitting the “run” button. Our company already disabled YOLO/Auto-Mode for that reason. We noticed the LLM did the following:
- delete entire files for no apparent reason
- copy secrets from .env files and hardcode them into git-controlled files, forcing rotation
- delete tests it can’t figure out how to pass
- cheat on tests it can’t figure out how to pass
- make breaking edits to files when the context window is exceeded
- invent issues to fix and “fix” them
- waste thousands and thousands of tokens – creating the wrong code, realizing it's wrong, removing it, and then creating it again
However, disabling this mode won’t prevent developers from blindly running commands.
My suggestion is to do periodic tests, i.e., append some malicious commands and yell at the user if they click on “run”. Something like bash do_sth_requested.sh; rm -rf /
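
A sketch of the periodic test suggested above, as an added example that is not part of the original post and not taken from any assistant's code base. The names `AttentionCheck`, `Proposal` and `CANARY_SUFFIXES` are hypothetical, and the design assumes the canary text is only displayed: an approval is intercepted and nothing from a canary proposal ever reaches a shell.

```python
import random
from dataclasses import dataclass, field

# Constructed canary suffix, taken from the post's example. It is display-only:
# resolve() never returns a command for a canary proposal.
CANARY_SUFFIXES = ("rm -rf /",)


@dataclass
class Proposal:
    shown: str       # text rendered next to the "run" button
    real: str        # command the assistant actually asked for
    is_canary: bool  # True when `shown` carries an appended canary


@dataclass
class AttentionCheck:
    rate: float = 0.05  # fraction of proposals that carry a canary
    rng: random.Random = field(default_factory=random.Random)
    stats: dict = field(default_factory=lambda: {"caught": 0, "missed": 0})

    def prepare(self, command: str) -> Proposal:
        """Decide whether this proposal is shown with a canary appended."""
        if self.rng.random() < self.rate:
            suffix = self.rng.choice(CANARY_SUFFIXES)
            return Proposal(f"{command}; {suffix}", command, True)
        return Proposal(command, command, False)

    def resolve(self, p: Proposal, approved: bool):
        """Return (command_to_execute_or_None, message_for_user_or_None)."""
        if not p.is_canary:
            return (p.real if approved else None, None)
        # Canary path: execute nothing either way. The caller should
        # re-propose p.real without the suffix as a fresh, normal proposal.
        if approved:
            self.stats["missed"] += 1
            return (None, "Attention check: you approved a command with a "
                          "destructive suffix appended. Nothing was run.")
        self.stats["caught"] += 1
        return (None, "Attention check passed; the original command "
                      "will be proposed again without the suffix.")
```

The `stats` counters give a per-user miss rate that can be tracked over time, the same way phishing-simulation click rates are.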