Use tool calling. Create a simple tool that can do the calls that are allowed/the queries that are allowed. Then teach the LLM what the tools can do. Allow it to call the tool without human input.
Then it will only stop when it wants to do something the tool can't do. You can then either add that capability to the tool, or allow that one time action.
This is the answer, and this strategy can be used on lots of otherwise unsafe activities - put a tool between the LLM and the service you want to use, and bake the guardrails into the tool (or make them configurable)
Well, be careful. You mmight think that a restricted shell is the answer, but restricted shells are still too difficult to constrain. But if you over-constrain the tools then the LLMs won't be that useful. Whatever middle ground you find may well have injection vulnerabilities if you're not careful.
I worry that as technologists we are over indexing on accusing things of being AI. I worry about policies like this where they will remove suspected AI content without investigation.
Case in point, the other day I made a comment on reddit. I spent about 10 minutes writing it. I used proper grammar, bullet points, clean formatting, and em dashes, as I've been doing for many years.
I immediately got downvoted and sent multiple PMs about "not posting AI slop".
I didn't use AI at all to write that comment. It just looked like AI because it was well formed and researched. So am I supposed to add errors just to make it look "human"? But also, how do I even prove I wrote it without AI?
Fellow user of en dashes here. I also try to use proper grammar to the best of my abilities, and I feel your frustration.
So far I've resisted giving in. Something about "those AI bros can grab my ellipses from my cold, dead typing fingers." But I have already caught myself deliberately leaving in a typo when checking over an e-mail before sending it, thinking it makes it less likely to set off AIdars, which is very strange for a perfectionist like me.
I don't have the solution ready either, but if I had to guess, it would be a return to more heavily moderated, closed communities where people have a reasonable expectation to be interacting with real people. It's not foolproof but maybe more manageable. We had trolls and stupid bots on Usenet and IRC as well, after all, and it kind of worked.
Highly biased opinion here since I'm the CEO of DBOS:
It'll be rare that the overhead actually has an effect, especially if you use a library like DBOS, which only adds a database write. You still have to write to and read from your queue, which is about as expensive as a database write/read.
Not my experience at all. The very notable engineers I know didn't do their most notable work because of engineering or coding skills. Instead it was finding interesting problems and making a start or thinking a bit differently about something and doing something about it and being approachable and available all along that made a difference.
If all they did was code all the time, write code for fun and interacted mostly with other similar people, they probably wouldn't be the first choice for these projects.
The ones who ace their careers are for the most people that are fun, driven, or psychos, all social traits that make you good in a political game.
Spending lots of time with other socially awkward types talking about hard math problems or whatever will get you nowhere outside of some SF fantasy startup movie.
I'd say it's especially important for the more nerdy (myself included) to be more outgoing, and do other stuff like sales or presentations, design/marketing og workshops - that will make you exceptional because you then got the "whole package" and undestand the process and other people.
> And the most successful people I know basically did exactly that.
Well that depends heavily on how you define successful.
Successful in life? I would tend to disagree, unless you believe that career is the only thing that counts.
But even when career is concerned: the most successful people I know went on from being developer to some high end management role. The skills that brought them there definitely did not come from hanging out with other engineers talking about engineering things.
> You social life should be hanging out with other engineers talking about engineering things.
Fuck. That.
I worked at a faang, successful people weren't people that did engineering, it was people who did politics.
The most successful people were the ones that joined at the same time as the current VP.
Your hobbies need to be fun, to you. Not support your career. If its just there to support your career, its unpaid career development, not a hobby. Should people not code in their free time? thats not for me to decide. If they enjoy it, and its not hurting anyone, then be my guest.
Engineers are generally useless at understanding whats going on in the real world, they are also quite bad at communicating.
I love your last point. I asked this question because I used to be the person that would spend 4+ hours after work every day trying to keep up with new tech and working on side projects. But now, I've gotten into art and it's really changed my perspective on things like this. I've spent many hours doing, as you call it, unpaid career development instead of pursuing hobbies, building up my friendships, and in general just having fun. It feels like I've taken life so seriously and I don't have much to show for it.
I never worked “for fun”. My job for 30 years is just a means to support my addiction to food and shelter. I don’t hate my job especially my last 3 since 2020 when I started working remotely. But it is just something I do.
I did not do side projects. I really enjoyed most of my 20s as a single person. I was a part time fitness instructor, I dated, hung out with friends, did some traveling.
The other developers at my job also had plenty of outside hobbies.
> On the flip side, I find it shocking that ridership is still only 60% of pre-pandemic levels.
It makes a lot of sense. Many companies went full remote during the pandemic and stayed that way, or if they went in person, it's only 60% of the time or less. And a lot of people left the area during the pandemic, and those that are returning are coming back to SF, not the suburbs.
I used to take the train every day for years, but I've only been on it once or twice since the pandemic.
To put it in startup terms, the TAM for ridership shrank considerably. They may very well be capturing a greater amount of the TAM than before the pandemic.
Commuting and residential patterns changed too. A lot of Googlers purchased houses in the Tri-valley during COVID instead of living in apartments in Mountain View or Sunnyvale or SF. Now they have a Dumbarton or 237 commute instead of something Caltrain-accessible. Tech companies also started laying off in 2022, and stopped hiring in the Bay Area; I'd bet that total employment along the Caltrain corridor is significantly lower than in 2019.
The Bay Area also needs way better last-mile transportation. I looked into taking Caltrain to work; it'd take 22 minutes to Caltrain the ~15 miles to the nearest Caltrain station, and then another 22 minutes to shuttle the 2.5 miles to work.
If you want to try Opus you can get the lowest Claude plan for $20 for the month, which has enough tokens for most hobby projects. I've been using to vibe code some little utilities for myself and haven't hit the limits yet.
Oh nice, I saw people on reddit say that Opus 4.5 will hit that $20 limit after a 1-3 prompts, though maybe thats just on massive codebases. Like you, I'd just want to try it out on some hobby projects
> I saw people on reddit say that Opus 4.5 will hit that $20 limit after a 1-3 prompts
That's people doing real-vibe coding prompts, like "Build me a music player with...". I'm using the $20 Codex plan and with getting it to plan first and then executing (in the same way I, an experienced dev would instruct a junior) haven't even managed to exhaust my 5-hour window limits, let alone the weekly limit.
Also if you keep an eye on it and kill it if it goes in the wrong direction you save plenty of tokens vs letting it go off on one. I wasted a bunch when Codex took 25 minutes(!) to install one package because something went wrong and instead of stopping and asking it decided to "problem solve" on its own.
It uses NFC, where the NFC tag carries a payload to tell the brick what to do. So in theory they can develop new skills for the brick and release new "trigger" blocks for it.
But to your point of: "seeing limitless possibilities in what you can build or pretend is one of the keystones of Lego", the first comment I saw on the instagram post about this was "but I like to make the pew pew noised myself".
Then it will only stop when it wants to do something the tool can't do. You can then either add that capability to the tool, or allow that one time action.
reply