sigoden
commented
1 week ago We disagree with your opinion. Software needs to balance between security and usability.
For example, with fs_*, operations like fs_rm and fs_write require user confirmation, while fs_cat, fs_ls, and fs_mkdir do not.
Is your feature request related to a problem? Please describe.
At the moment it looks to me like by default, functions don't prompt for user input. This feels dangerous since it allows execution of arbitrary code by LLMs. I may be mistaken about this - couldn't figure it out from a look at the repo and documentation.
Describe the solution you'd like
I would like everything by default to prompt for user confirmation, similar to the design of this notebook https://github.com/microsoft/autogen/blob/main/notebook/agentchat_function_call_code_writing.ipynb.
Describe alternatives you've considered
Can use autogen for this or langgraph but neither have as nice CLI integration as this repo.
Additional context
This may already exist in this project and just be something I've missed. In that case I would find more explicit documentation on the security model helpful.