@sebastienlorber Solves one symptom. Doesn't kill the root problem:
AI agents have too much shell access by default.
That's the layer PreToolUse hooks fix. https://t.co/FK6tQEW0pi
Your AI agent has shell access on your machine.
Treat it like an intern with sudo.
Claude Code PreToolUse hooks run BEFORE any tool
executes. Exit code 2 = blocked. Model sees stderr,
stops, asks you.
What 12 lines of TypeScript can stop:
> npm/pip install of flagged packages
> reads of ~/.ssh, ~/.aws, .env*
> git push to main
> curl | bash patterns
> DROP TABLE without WHERE
> rm -rf outside /tmp
Almost nobody is using this layer.
I wrote the full breakdown:
https://t.co/yRps6zo5q5
@duborges There are many ways to achieve this, but the first and most effective approach is to create a hook that prevents reading or writing into the .env file. I have written more detailed information about this topic here: https://t.co/Q8pdmXBwy9
I’ve been trying to find good analogies for this.
The argument seems to be: “AI is intelligent because it does intelligent-like things, therefore it is cope to say it’s not intelligent.”
Some analogies:
- “The moon is really bright. Therefore it is capable of luminance.” Here of course we expose a manner of speaking. The moon reflects the sun’s light. The models reflect our own intelligence. The moon will never be a star.
- “A snail on the bed of a tow truck is really fast. Look, it’s moving from A to B at 60mph, it’s clearly fast.” But of course the snail is borrowing the truck’s velocity.
Notice how there is no controversy in calling the technology large language models because the term is perfectly apt: a map of language. This points to language as constructed by humans as the true source of magic, and LLMs being algorithms that can traverse this map at light speeds.
Before you think I’m being pedantic, understand that the nature of the words we use is precisely what’s at stake. That the moon *looks* bright is incontrovertible. Insisting however that the moon itself has any concept of inherent luminance is when you start to gaslight people into deranged realities that they will not stand for. Attempting to appropriate ageless conceptions like consciousness and intelligence to corporate technology by playing axiomatic word games is insanity.
Large language models do what they do and this is non-controversial. Personifying it with human-like attributes however is totally uncalled for, when it is easy enough for us to define new words that better capture the phenomenon.
I’ve been thinking long and hard about this and I think a good phrase for these technologies can be—hear me out:
“large language models”
@atmoio I couldn’t have expressed it better. I’m fed up with the propaganda. During one of my travels, I realized that most people don’t even know what “Claude” or “Anthropic” means, while X is constantly screaming about some impending doom…
That’s exactly what PreToolUse hooks are for.
CLAUDE.md is a suggestion the model can ignore. Hooks run deterministically before the tool call fires, so you can block --config.minimumReleaseAge=0 outright and the agent never gets to execute it.
Wrote about locking this down: https://t.co/Njp5BIiBPW
@brunopinheiroms And what about data privacy? You can disable it in Claude's settings, and if it's enterprise it's disabled by default. But if you use a Chinese model I have my doubts about that…