You are absolutely correct, but I don't need it to be 100% bulletproof.
I'm using opencode as a coding agent and I've added a custom plugin that implements an .aiexclude check (gist (https://gist.github.com/yanosh-k/09965770f37b3102c22bdf5c59a...)) before tool calls. No matter how good the checks are, on the 5th or 6th attempt a determined prompt can make the agent read a secret — but that only happens if reading secrets is the explicit goal. When I'm not specifically prompting it to extract secrets, the plugin reliably prevents the agent from reading them during normal coding work.
My threat model isn't a motivated attacker — it's accidental ingestion.
That's also why I think this should be a built-in feature of coding agents — though I understand the hesitation: if it can't guarantee 100% coverage, shipping it as a native safeguard risks giving users a false sense of security, which may be harder to manage than not having it at all.
Exactly - there are things that I would change now to make sure I make things easier for myself and - more importantly - easier for the people around me.
I think there are many people (myself included) whose plans would change dramatically upon discovery of Alzheimer's, dementia, or some other degenerative disease. I might consider moving to somewhere with more liberal assisted suicide laws for example.
Notarizing any wishes against some medical procedures in case a sudden accident ruins your ability to dissent prevents doctors from being forced to keep your body alive as long as possible.
That doesn't apply to Alzheimer's disease directly though. If you don't want to live when your conscious life is limited to short flashes of awareness among a deeply terrifying melange of visions of the past and hallucinations, DNR laws don't in any way force or even allow doctors to euthanize you. You can persist in this state for many years without ever triggering a DNR check.
My genetics are such that I'm more likely to drop dead of a heart attack too young.
If I were likely to develop Alzheimer's, I'd make more and more expensive accommodation for power of attorney and trusts to shield assets while I was competent to do so.
Like what? You should already have a will, life insurance, etc. even without the disease. All you're doing by knowing earlier is causing psychological harms to yourself and the people you tell, adding more years of anxiety, grief, and sadness for no gain. Think about the bigger picture.
> We show that exposure to algorithmically curated content led users to follow conservative activist accounts. In contrast, when the algorithmic feed was switched off, users continued to follow the accounts they had engaged with previously. This indicates that exposure to feed algorithms has a lasting impact on users’ feeds and their political attitudes.
Once you’ve been radicalised it’s very hard to go back to normal.
But truly there's nothing easier than putting a couple bullets in a document and saying, "Now go forth, underlings, and make these bullets ring true! If you don't, you're fired and without health insurance."
We have pre-commit hooks to prevent people doing the wrong thing. We have all sorts of guardrails to help people.
And the “modern” approach when someone does something wrong is not to blame the person, but to ask “how did the system allow this mistake? What guardrails are missing?”
This is a classic playbook by anyone who is anti-regulation. Present it as something that appears to be ludicrous - e.g. “they are banning infinite scroll!” and rely on the fact that very few people will actually dig any deeper as you’ve already satisfied their need for a bit of rage.
The rest is just some vibe coding…