2 / 1759

Show HN: Fence – Jiminy Cricket for AI coding agents

TL;DR

Andrios, founder of hoop.dev, introduced Fence on Hacker News as an open-source safety tool for AI coding agents such as Claude Code and Codex. Fence is meant to stop dangerous commands before execution, including variants of `rm -rf` or `sudo rm -rf $HOME`, when an agent is confused or poorly prompted. The pitch is that Fence goes beyond a denylist by reading command intent instead of matching only strings. Cursor support is planned only if adoption appears.

Nauti's Take

Fence targets a real weak spot: agent safety is not just model evaluation, it is runtime control right before an action happens. The idea is sensible, but the announcement is thin until there are serious tests, bypass examples, and false-positive numbers.

If it only catches obvious disasters, it is still useful. If it can robustly infer intent, it becomes much more interesting for agentic coding.

Briefingshow

AI coding agents increasingly get shell access, which turns one bad prompt into a real system risk. Intent-based protection could be useful if it is harder to bypass than simple string matching. The real test is whether Fence can be reliable without blocking normal developer workflows too often.

Sources