undefined | Better HN

0 pointsFrieren23d ago0 comments

100% agree.

Agents should have the same permissions as the user prompting them, nothing else.

No rules will stop agents of accessing data or modifying content if the agent have permissions to do it.

That does not make the agent "safe" from the perspective that it still can and eventually will cause havoc, delete critical data, etc. But it makes the system safe as it isolates that user access and it is not worse that having an unruly/malicious user.

0 comments

1 comments · 1 top-level

juliendorra23d ago

> Agents should have the same permissions as the user prompting them, nothing else.

In user support work, it won’t make them very useful. User support is the fallback when self-serve tools and public documentation, the one you have permission to read and use directly, are not allowing a solution.

By definition useful user support allows operations that are beyond the user’s permissions

2 more replies

j / k navigate · click thread line to collapse