zlacker

1. levkk+(OP) 2026-02-04 20:24:04
So... I already tell Claude Code to do this. Just run kubectl for me please and figure out why my helm chart is broken.

Scary? A little but it's doing great. Not entirely sure why a specialized tool is needed when the general purpose CLI is working.

replies(8): >>hebeje+p1 >>hivacr+T1 >>irl_ze+a9 >>aspect+pa >>bakies+5b >>messh+6d >>peterl+cK >>richst+Qa1
2. hebeje+p1 2026-02-04 20:29:34
>>levkk+(OP)
Yeah. The times I have let Claude off the read-only leash, it's gone fine for me too (with stern warnings not to do anything stupid, and a close eye). But that's not really solving the same problem as this project, I guess. From what I can see this is using a safer and more reproducible method (and not k8s native, so it feels a little foreign to me).
replies(2): >>gianca+M1 >>peterl+nK
3. gianca+M1 2026-02-04 20:31:04
>>hebeje+p1
In Zed I just have it auto approve everything, macOS will scream if "Zed" tries to escape the folder it's in anyway.
4. hivacr+T1 2026-02-04 20:31:11
>>levkk+(OP)
I do the same. I was thinking about creating read-only kubeconfigs for him to make sure it can't do bad stuff but with a good SKILL.md, it works perfectly.
replies(1): >>levkk+D6
5. levkk+D6 2026-02-04 20:49:46
>>hivacr+T1
Him! That settles the Turing test debate.
6. irl_ze+a9 2026-02-04 21:00:58
>>levkk+(OP)
I've noticed a lot of LLM-based tools that are essentially this sort of thing. Just a slightly more specific prompt wrapper around the core capability that can already do the thing. It's so bad.
replies(1): >>uoaei+IX
7. aspect+pa 2026-02-04 21:07:09
>>levkk+(OP)
Lol, that does sound a little scary but if it works it works. Mainly I built this to prevent there being a chance that changes affect production. This is meant to be used with scale (say hundreds of VMs) vs 1. From a safety perspective running Claude Code with just a watchful eye would not fly in my environment, which is why I built something like this.
replies(1): >>levkk+Fv
8. bakies+5b 2026-02-04 21:10:50
>>levkk+(OP)
I let it read-only and gitops driven and find it's really good and feels pretty safe to get it to PR fixes. Run it with no permission checks
9. messh+6d 2026-02-04 21:19:21
>>levkk+(OP)
Yeah, I'm telling it to use aws cli to spin up instances, configure them, start servers, read cw logs etc.
10. levkk+Fv 2026-02-04 22:58:29
>>aspect+pa
More power to you! Good luck!
11. peterl+cK 2026-02-05 00:31:50
>>levkk+(OP)
I do this but make sure to only have readonly/nondestructive access. It's extremely cool how well it works.
12. peterl+nK 2026-02-05 00:33:02
>>hebeje+p1
Opus 4.5 is pretty good about following instructions to not do anything destructive, but Gemini 3 Flash actively disregards my advice and just starts running commands. Definitely recommend setting up default-readonly access for stuff like this and requiring some kind of out-of-band escalation process for when you need to do writes/destroys.
13. uoaei+IX 2026-02-05 02:21:36
>>irl_ze+a9
That has been the case this entire time. The "ChatGPT-wrapper" startups were little more than a webapp frontend for ChatGPT with a clever prompt.
14. richst+Qa1 2026-02-05 04:23:53
>>levkk+(OP)
Same. I’ve had good results with read only accounts / tokens and let the agent have at it. Also works with terraform, aws cli, etc.

One does not need a new/separate tool to do any of this, just include it in your agent's instructions.
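
Added example, not part of the thread and not written by any commenter: a Kubernetes RBAC manifest for the read-only access several comments describe (read-only kubeconfigs, default-readonly access, read-only tokens), so that the restriction is enforced by the API server rather than by the agent's instructions. The `agent-readonly` names and the `agent-tools` namespace are hypothetical, and the namespace is assumed to exist already.

```yaml
# Added example. agent-readonly and agent-tools are hypothetical names.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: agent-readonly
  namespace: agent-tools
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: agent-readonly
rules:
  # Only get/list/watch are granted. Nothing here allows create, update,
  # patch or delete, so exec, port-forward and apply are all refused.
  # Secrets are deliberately left out. Helm 3 keeps release records in
  # Secrets by default, so helm commands that read release state will fail
  # with this role. ConfigMaps are readable and may hold sensitive values;
  # drop them from the list if that applies to your cluster.
  - apiGroups: [""]
    resources: [pods, pods/log, services, endpoints, configmaps, events,
                namespaces, nodes, persistentvolumeclaims]
    verbs: [get, list, watch]
  - apiGroups: [apps]
    resources: [deployments, replicasets, statefulsets, daemonsets]
    verbs: [get, list, watch]
  - apiGroups: [batch]
    resources: [jobs, cronjobs]
    verbs: [get, list, watch]
  - apiGroups: [networking.k8s.io]
    resources: [ingresses, networkpolicies]
    verbs: [get, list, watch]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: agent-readonly
subjects:
  - kind: ServiceAccount
    name: agent-readonly
    namespace: agent-tools
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: agent-readonly
```

After applying it, `kubectl auth can-i delete pods --as=system:serviceaccount:agent-tools:agent-readonly` should answer `no`, and `kubectl create token agent-readonly -n agent-tools` issues a short-lived token to put in the agent's kubeconfig. Writes then go through a separate credential the agent never holds, which is the out-of-band escalation recommended in comment 12.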
