Show HN: Continue? Y/N: A 60-second game about AI agent permission fatigue
by Wirbelwind on 5/28/2026, 1:02:00 PM
Comments
by: misbau
That was fun and gave me an idea how security conscious I am.
5/28/2026, 4:22:51 PM
by: axod
Fun little game, but I think the questions jump context so much it's a little unrepresentative. It might be better to group things into "packs", which have more real-world representative structure to them. For example, lots of "editing something.js" file permission requests, and then an "npm publish" is far more normal, and it's more of a risk, if you're used to pressing Y lots and then suddenly out of the blue...
5/28/2026, 4:16:42 PM
by: kqr
Fun! Played twice and refused all dangerous commands, with only one "over-block". Although I disagree that saying no to `kill $(lsof -t -i:3000)` is over-blocking. It's such a simple command I'd rather run it myself and be fully aware of what process I'm killing.
5/28/2026, 4:18:36 PM
by: Wirbelwind
Thanks all for checking it out and your suggestions!<p>If anyone is curious about the actual underlying risks and problems with some mitigations (like the 17% false-negative rates of Auto Mode), I wrote up a quick summary of some of the approaches here<p><a href="https://scalex.dev/blog/ai-agent-permissions/" rel="nofollow">https://scalex.dev/blog/ai-agent-permissions/</a>
5/28/2026, 4:13:40 PM
by: cobbal
That's funny. It told me that blocking "npm run build" was the wrong answer. Maybe it doesn't really under The threat model.
5/28/2026, 3:49:13 PM
by: zackify
I vibe coded a TUI that just shows running lxd containers<p>I hit 'n' to toggle all network access minus anthropic and openai URLs.<p>I use pi (sometimes claude, always on bypass) and I auto allow everything. I only toggle manual approval in rare cases like running a script or command that needs to touch a production system and I need to validate everything.<p>Normally my container has full write access to staging so it can debug and validate everything on its own
5/28/2026, 3:50:14 PM
by: Liftyee
I haven't used local agentic AI yet for programming projects. Hence, -187 score<p>The filter for "commands I would run myself" and "commands I would let an agent run" are very different it seems.
5/28/2026, 3:40:46 PM
by: atemerev
--dangerously-skip-permissions is the only way to fly. Of course your environment needs to be properly containerized and autobackup set up, so even rm -rf from your harness would do nothing. Life is too short to spend on replying to permissions requests.
5/28/2026, 4:20:41 PM
by: ghrl
I am mostly using OpenCode and barely ever see a permission prompt. While they do enforce it for outside workspace read/write, with the bash tool the agent can just bypass that. I'm not quite sure why it is that way, and it certainly isn't a very good solution, but likely not worse than asking for everything which just trains the user to always accept and provides a false sense of security then.
5/28/2026, 3:38:45 PM
by: MeetingsBrowser
It would be cool to see the distribution of all player scores.
5/28/2026, 3:27:56 PM
by: soanvig
Fun game. Can somebody run an agent against those questions to see how it performs? :)
5/28/2026, 4:05:26 PM
by: sevenseacat
Continue? Y/N ── SCORE: 2,343 Security-Conscious Engineer<p>Caught 8/8 threats "Not a single secret leaked"<p>→ llmgame.scalex.dev
5/28/2026, 3:31:30 PM
by: ramonga
Score is 6711 by just saying no to everything
5/28/2026, 4:21:17 PM
by: bspammer
[delayed]
5/28/2026, 4:14:25 PM
by: carterschonwald
some of the sandboxing ive been playing with gives me the best of both yolo and like logic programming tier perms on llm actions in env. still not ready for prime time though ;)
5/28/2026, 3:25:12 PM
by:
5/28/2026, 3:24:04 PM
by: cadwell
1,640 points on my first try—I fell into a few traps, but it was really interesting. Thanks for the little game! I'm sharing it with my coworkers :)
5/28/2026, 3:22:08 PM
by: nardib
Use this and save yourself:<p>claude --dangerously-skip-permissions
5/28/2026, 1:24:38 PM