Files

1.3 KiB

Security Safeguards: User Preferences

Germaine explicitly asked "what safeguards do you have to not run amok?" and "what can we put in place to make sure hallucinations don't happen?"

Approval Tiers

Level Examples Requires user approval?
Read Check status, read logs, search files, inspect config Never
Scoped write Edit portal CSS, create draft pages, run backup scripts Only for production systems
Dangerous DNS changes, server reboot, config edits, file deletion, firewall rule changes, API key operations Always — state hostname+IP+impact first

Hard Rules

  1. Before any destructive action, state the target hostname AND IP. Never act on opaque IDs.
  2. Default to read-only unless explicitly told "write mode."
  3. No invented config keys — if a feature isn't confirmed, say "I don't know."
  4. API keys get minimum permissions — Cloudflare DNS-only, Wasabi write-only, Stripe read-only.
  5. Kill switch: /lockdown → remove SSH key from all servers, stop all cron jobs, stop email triage, report done.

Carried Forward

  • "Don't be making shit up" — verify before claiming success
  • Caution over speed for infrastructure operations
  • State hostname + IP and confirm before any destructive action