wary hedge
https://github.com/NousResearch/hermes-agent/issues/510#issuecomment-4303266210
Do you have the experience that your agent using write_file tool to overwriting existing files?
I have a suggestion to add a confirm warning to make the agent think twice when it doing such a tool call, what is your thoughts?
@bright hedge
If you dont want it to be able to I'd suggest just using docker backend
But the problem is I'm requesting agent to write a worklog for what we done, I should definitely need to allowed it to able doing this
Using Docker backed won't help this, because it will doing absolutely same thing when inside sandboxed environments.
bright hedge
There is no foolproof way to prevent it from writing to the code
or the files
If you dont approve it it can just find a bunch of ways to write scripts to edit a file
wary hedge
Even I added the iron rules to its SOUL.md that "don't use write tool when there's a existing file, use patch tool instead"
But it will still forgot
I've setup restic backup every hour and git so I don't really need to worry about data loss, but it is still making me frustrating
wary hedge
If you dont approve it it can just find a bunch of ways to write scripts to edit...
Clear message to the agent that the "deny" is requested/triggered by user/security scan/pre-define rules is required, and ask agent to think twice or ask the user for further instructions
wary hedge
Clear message to the agent that the "deny" is requested/triggered by user/secur...
And don't messup the system prompt for a such warning in the tool description, only shows when it is doing such things, so the system prompt stays clean
bright hedge
Even I added the iron rules to its SOUL.md that "don't use write tool when there...
That implies it will still ignore your steering