When the agent uses your GH credentials to nuke all your projects or put out a lot of crap, this separation will not save you.
When the agent uses your GH credentials to nuke all your projects or put out a lot of crap, this separation will not save you.
whitelisting `gh` args should solve it. Event opencode's primitive permission system allows that.