I think he likely means "code that is hand-reviewed" and not directly controlled by the agent. He's probably meaning to differentiate it against the in-process agent writing the code. It doesn't matter too much if that fixed code was written by an LLM under guidance and review of the SWE, outside the agent.
replyAgreed, “literally written by hand” didn’t cross my mind. Not by keyboard or pen.
replyAhh ok - that's fair enough - hand-reviewed/not controlled by the agent seems a sensible approach (wasn't sure if it was instructive of a complete distrust of AI generated code)
replyMaybe not hand-written, but definitely static, and at least human-reviewed/tested to only allow sending to previously-validated email addresses.
replyRight, as in, does not accept an email as a parameter. If its anything like my company they are turning out "agents" super fast and just hooking them up to internal APIs usually via a light MCP wrapper. Since MCP doesn't have any security or auth built in, and internal APIs usually are light on security you have issues like this.
reply