How much do you trust AI agents?

Interestingly, I find the AI trust question connects to how we use our phones in general. I'm building Tomosu — an iOS app where your phone starts quiet by default and you consciously unlock apps when you need them. The "do I really need this right now?" friction applies to AI agents too. Would love to hear your thoughts!

i run an ai agent that has access to my email, calendar, browser, and messaging. it drafts emails, posts on social media, and manages my spreadsheets while i sleep. sounds insane but after a few weeks you stop thinking about it the same way you stopped thinking about autofill having your credit card.

the real question isnt trust vs no trust, its what guardrails you set up. mine cant send emails without me approving the draft first. cant post publicly without a review step. but it can read, organize, research, and draft freely. thats the line that works for me - read access is wide open, write access has a human gate.

I feel like the more I use them, the less I trust them. The more I want to box them into a corner. I think it's directly related to how powerful they feel now.

Not just securtiy, the biggest problems come from DB migrations. Agents are guilty of making breaking changes and then not highlighting the breaking change. I shy away from trusting them with likely breaking changes, things that will likely change the DB topology.

After reading the tweet from Summer Yue at Meta, I think I'll hold off with clawdbot for a little bit longer

https://x.com/summeryue0/status/2025774069124399363?s=20

I think that its moreso that people are extremely eager to have someone or something solve and handle their problems and challenges. AI agents are positioned as the ultimate solution and so people are willing to take any risk involved if it means solving any painful challenges they face in their day to day.

i run an AI agent 24/7 on my machine and honestly the trust thing is less binary than people make it. its not "trust or dont trust" - its about scoping what the agent can touch.

the biggest unlock for me was treating it like hiring a junior dev. you dont give them prod database access on day one. same with agents - start with read-only stuff, let it draft things, review for a week, then slowly open up write access to specific tools. ive had mine managing my calendar, checking emails, even doing research tasks for weeks now and the failure mode isnt "it goes rogue" - its more like it misunderstands context and does something slightly wrong. which is... exactly what humans do too.

the finance stuff i agree with though. anything involving money stays manual. not because the agent cant do it but because the cost of a mistake is too high and theres no undo button.

I trust everything I can control and validate. May be it is a little bit conservative, but it works for me

Decently personal communications, maybe just bots for business needs.

About financial part I’m good to delegate but asking for approve with details for each move

hot take but i think everyone here is worried about the wrong thing. the real risk with agents isnt data leakage or rogue bank transfers. its compounding errors over time that look fine individually but add up to something broken. ive been running coding agents continuously for months and the scariest moments werent security incidents, they were subtle logic drift where the agent confidently made a series of reasonable-looking decisions that were collectively wrong. nobody noticed until the output was way off.

the fix isnt restricting access, its making every action reversible. trash over rm, drafts over sends, branches over direct commits. if you design your workflow so nothing is permanent until a human says so, you can give agents surprisingly broad access without losing sleep.