logoalt Hacker News

smashiniyesterday at 2:55 PM0 repliesview on HN

The scanner is just one part of the codebase, good for maintaining quality in a pipeline.

There is also @makerchecker/embedded, which has runtime permission primitives you wrap around the agent's actions, so the restraints live in the app exactly like you're describing

Less whack-a-mole, more wrap the risky calls and they're bound