Different [[20260413105415-ai-agent-harness]] have different default permissions. Most tools now have a way of auto-approving permissions for a given task. Claude calls this YOLO mode, Copilot has Autopilot, etc. While they can help you most faster, they seem a bit unsafe.
In general I don't see a lot of advice in this area, it feels like we've stepped backwards in terms of security and safety. There are some people experimenting with sandboxing, but I haven't found much. Note that these auto-approval modes often have a cost factor too, as they will make additional requests automatically.