Machine Learning

How to Safely Run Encryption Agents

since Claude Code and Codex have given me the biggest efficiency boost I've ever had while programming, in a way that's far more advanced than getting more powerful computers or learning new topics and techniques.

However, a common scenario when using encryption agents on your computer is this:

  1. How many permissions should you give your coding agents?
  2. How do you manage them safely when you give them too many permissions?

In this article, I'll cover how I use my encryption agents to securely install them on my computer, why using YOLO mode is fine for most people, and why manually approving all permissions can be very dangerous in itself due to false confidence.

This infographic highlights the main content of this article. I'll discuss how to use coding agents safely, why you don't need to review every code, how to avoid doing unsafe things, how many permissions to give your coding agents, and how to use them safely. Image via ChatGPT.

Why use coding agents?

First, I need to cover why you should use encryption agents on your computer. If you work with programming, it should be self-explanatory. Using coding agents to edit instead of editing manually is more efficient. You can't even compare it to writing the code yourself or to tab completion. Having agents write all the code for you is now very possible, given how powerful the latest LLMs have become, and is much more efficient at implementing code than humans ever will be.

However, often, some risks of using coding agents are revealed, usually they mention the two points below:

  1. It's scary not to look at and verify the code yourself or do a human review.
  2. Agents can perform unsafe actions, and you need to ensure that they are not doing anything they shouldn't be doing.

In this article, I will cover why I strongly disagree with these two points and how you can ensure that you are using scripting agents safely on your computer in your environment.

Coding agents work safely

In this section, I will be answering the two points raised above, including how many permissions to give your agents, and how to run them safely once you have given them the permissions they need. I will cover each part in a separate section.

Why don't you need to manually update all the code

First, I want to answer the first question about how many people think that all code should be manually reviewed. I strongly disagree with this argument because coding agents are so powerful now that they write better code, or at least equally good code, than most people. Of course, the code may not be perfect, adhering to all formatting rules or best practices. However, code generated by code agents is generally more efficient, and agents are more efficient at finding bugs.

I would argue that coding agents in most cases can produce better code than humans because they are able to take more of the context around the endpoint and thus avoid more bugs.

If you have well-organized code with a lot of detail in your agent.md files and other markup files, and you let other coding agents do code reviews on the code you generate, I don't think you need to review your code manually.

Of course, there are situations where you touch very sensitive code that you know can lead to bugs. In these cases, you should do human review naturally, but with most of the code you generate, I don't think human review is necessary anymore.

To ensure that agents do not perform unsafe actions

The second point mentioned above is that agents can perform unsafe actions, and you need to ensure that they are not doing something they shouldn't be doing. It is true that if you give your coding agent too many permissions, it can obviously perform unsafe actions. For example, if you give them broad AWS permissions, they can, of course, update your infrastructure.

However, in my experience, I have two opposing arguments:

  1. Coding agents very, very rarely make these mistakes. I find that Claude Code and Codex almost always inform me before making an irreversible decision, or at least an irreversible decision. They just don't make big mistakes that are very difficult to undo.
  2. If the coding agent is able to perform a destructive action, such as deleting the production database or equivalent, I would argue that the problem is not in the coding agent, but in the way you build your code. Neither an AI nor a human should be able to fully clear the production table, obviously. If so, you first gave them very broad permissions. Technically, one can make that mistake again. Second, you haven't organized your code properly. For example, if a table is deleted, you should make sure you have a backup.

I don't think the argument that agents are doing unsafe things is really true. Coding agents don't actually make these unrecoverable errors, and if such a damaging unrecoverable error could happen, such as deleting production data, you need to update your code infrastructure to make sure it doesn't.

How many permissions to give your agents

Now, let's cover how many permissions you should give your coding agents. Whenever I run my agents, I run with Claude --dangerously-skip-permissions and Codex in YOLO mode. This means that I ask it to never ask me for permission when I perform an action. The only problem I have with this is when I use the rm command, for example, to delete repeatedly as below:

rm -rf

When I use this command, the agents have to ask for my permission because I know that it is a destructive action on my computer that cannot be reversed (that is, I cannot restore files deleted by this command).

Otherwise, I'm very comfortable with the permissions I give my agents. However, I am trying to limit it to only relevant permissions. For example, a code agent does not need administrator access to AWS, but viewer or power access can be important for the agent to complete its work.

In general, I think your rule should be:

Be liberal with your permissions. Make sure the code agent has all the tools they need to do their job effectively. However, also try to limit the permissions to what the agent really needs, and be careful with administrator-level permissions that can do harmful things.

And I want to highlight in this section that, of course, the number of permissions you give to your agents should depend on the domain you are working on. If you work in a highly secure domain, such as healthcare or military systems, you should definitely be more careful about the code you generate and the actions your agents perform. However, most programmers do not work in these domains, which is true of my points throughout this article. I urge you to think about your use case and how harmful or non-harmful errors appear in coding agents.

Strategies for using writing agents safely

In this last section, I want to cover how to use writing agents safely, since you have given them many permissions, as I put in the last section. There are many strategies you can use to use writing agents safely.

One, of course, is not to give them administrative-level permissions, like what I mentioned in the last section, because admin-level permissions usually involve being able to run irreversible commands, which, in general, is something you want to avoid. Simply put, a code agent should be able to perform any action that is reversible, as this gives them the freedom to perform tasks efficiently. With irreversible decisions, you have to be really careful.

To ensure that the code produced by my coding agents works and to reduce the chances of code containing bugs, I often use another coding agent to review the code. Then I have agents that work together repeatedly:

  • Create the code
  • Perform code reviews
  • Recode, given code review
  • Do some code reviews

and so on until both the reviewer and the initial coding agents are happy.


Another technique worth mentioning is that you can use blocks in certain commands that you know cannot be reversed. This is, for example, the rm command I mentioned earlier, which can remove files from the computer. This removal does not end in the trash can as if someone removed it. It's simply irreversible, and it's a command to be aware of. You can put a block on such commands so that the coding agent explicitly asks for your permission before running that command.

The conclusion

In this article, I cover why you should use coding agents, highlighting how you can become a more efficient coder. Continuing on that, I answered several common arguments in using coding agents, such as why you don't need to review all the code manually and how to avoid agents from doing unsafe actions. In addition, I have provided information on how many permissions you should give your coding agents and how to run them safely once you have given them liberal permissions, as I recommend to many programmers who do not work on sensitive domains. I urge you to experiment further with coding agents, as I believe they are the biggest productivity benefit you can get as a programmer right now. You should continue to work with them and discover for yourself how to make both of them more efficient in your applications and how they work safely. Throughout this article, I have provided tips and tricks from my use cases, which you can try to transfer to your application areas.

πŸ‘‹ Touch

πŸ‘‰ My Free eBook and Webinar:

πŸš€ 10x Your Engineering with LLMs (Free 3-Day Email Course)

πŸ“š Get my free ebook Vision Language Models

πŸ’» My webinar on Vision Language Models

πŸ‘‰ Find me on social media:

πŸ’Œ Stack

πŸ”— LinkedIn

🐦 X / Twitter

Source link

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button