Show HN: Fence – Jiminy Cricket for AI coding agents
TL;DR
Fence is a new open-source tool from hoop.dev, created during an internal 20 percent side-project window for the engineering team. The tool is meant to stop AI coding agents from running catastrophic shell commands, including rm -rf variants or sudo rm -rf $HOME. Founder Andrios says Fence goes beyond simple denylists by reading the likely intent behind a command, not just matching strings. hoop.dev currently uses Fence with Claude Code and Codex; Cursor support is planned only if adoption materializes.
Nauti's Take
Fence sounds like a small tool, but it tackles a large problem: agents should not be audited only after damage is done. Intent checking is more useful than plain string blocklists, but it needs proof: how reliably does it handle legitimate destructive commands, backups, test directories, or deliberate admin work?
The launch is still PR-heavy and has almost no visible traction in the snippet, but the direction is right: coding agents need airbags, not just better prompts.
Briefingshow
AI agents increasingly get terminal access, but their safety boundaries are often thin: prompt mistakes, hallucinations, or vague user instructions can cause real damage. Fence targets the gap between agent autonomy and operational safety. The interesting part is less the HN launch itself and more the move toward guardrails right before execution.