Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

A better permissions layer for coding agents. The tool works like auto-mode for Claude Code, so you can stay in the flow and only get prompted to allow or deny tool calls when it truly matters, but it is fully deterministic. My benchmarks surfaced that most Bash calls don’t need an LLM to be classified as safe, ambiguous, or dangerous. A deterministic classifier can auto-allow or block 95% of Bash tool calls as safe or dangerous, with only the remaining 5% being truly ambiguous or unknown.

Conclusion is permission reviews with LLMs like Claude’s auto mode or Codex auto review are like using a data center to flip a light switch - overkill.

The main benefit is that your agent’s autonomy can be governed deterministically through policies that can be stored at the user and repo level. The bonus is that you save tokens vs using auto modes.

https://nah.build



You know I'd love an ability to a "lock" a file from being read by agents.

Casual browsing of a .env is probably my top pet peeve of coding agents.

Everytime a secret gets slurped into an API I have to go roll secrets.

Does this tool solve that use case?


Yes, you can define sensitive paths and assign 'ask' or 'block' policies to them.

.env, .ssh, and others are treated as a sensitive filenames by default.

Similarly, with hosts and network access - unknown hosts pause, trusted hosts can be configured.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: