17 / 1773

Show HN: Fence – Jiminy Cricket for AI coding agents

TL;DR

Fence is an open-source guardrail from hoop.dev for AI coding agents. It aims to stop dangerous tool calls before they execute. Instead of blocking only fixed strings, Fence evaluates command intent: variants of 'rm -rf ~', secret exfiltration, disk wipes and similar actions are meant to be caught. The tool works through agent hooks, offers setup paths for Claude Code and Codex, and lists Cursor plus Gemini CLI as future targets.

Nauti's Take

Fence lands on a real weak spot in agent work: teams debate model quality while letting the agent act with the same permissions as the developer. Semantic rules make more sense than blunt denylists because dangerous commands rarely look exactly like the example.

Still, this is local self-protection, not a company-wide compliance control. Anyone using coding agents seriously should test this kind of hook, while staying honest about what it does not solve.

Briefingshow

Coding agents run with your local permissions. If prompt injection, a bad instruction or an agent mistake triggers a shell command, the damage can happen before review catches up. Fence points to the real control question: not only which model writes code, but what checks commands right before execution?

Sources