The YOLO mode problem. How do you handle AI agent permissions?

Real question for anyone running coding agents daily.

I started counting how often Claude Code and Codex ask for permission during a typical session. It's around 100 prompts per hour. Read file? Yes. Run test? Yes. Lint? Yes. git push --force? Also yes if you're zoned out.

The industry gives you two modes right now:

1. Approve everything manually. Safe, but you're handcuffed to the terminal.

2. Skip all permissions. Fast, until rm -rf ./src happens and now you're having a different kind of day.

No agent has per-tool rules built in. No "auto-approve reads, escalate deletes."

How are you dealing with this?

- Approving everything manually?

- Running YOLO mode and trusting the vibes?

- Built custom scripts?

- Just avoiding dangerous tools entirely?

I'm building something in this space and trying to figure out if per-tool permission rules are what people actually want, or if most devs are fine with the binary choice.