Adam Spiers
Adam Spiers
Just noticed this looks similar to #6772.
Auto-closing without any response is not a valid approach to improving products and customer satisfaction.
Hey @thdxr thanks for the reply, and indeed I wasn't aware - that's really cool, and probably far better than some or perhaps even all of the competitors! That said,...
Yeah I realised that as soon as I looked at your treesitter code. As I said, it's very nice, but bash + treesitter is still an enormous attack surface when...
> what about an additional AI check in a separate thread with small_model + json mode? "check if this bash command breaks the rules above and/or if the description is...
> The way I understand your idea, adding a single finegrained bash permission rule will force the model to switch from its typical workflow (long one shot scripts with io...
@rekram1-node Will it catch commands like this? ```bash $'\x65\x76\x61\x6c' "echo foo && echo bar" ``` This is an example of what I meant by [my earlier comment](https://github.com/sst/opencode/issues/2206#issuecomment-3217170432): > I'm pretty...
It doesn't; you could just type `eval` instead. I was just demonstrating one way how an obvious `eval`-based attack could be obfuscated, and I'm sure there are countless other ways...
> Yeah ultimately if you're super concerned you'll be better off using a heavier sandbox Sure. > we can definitely do more in our approach but it's really difficult to...
Checked - not a duplicate.