Warp sends a terminal session to LLM without user consent

94 points by ykurtov ↗ HN
Wonder how being used feels like? One way to experience that is to discover that your terminal silently started to send command outputs to LLMs.

Today, I got an LLM suggestion on how to fix a syntactic error after following an attempt to run a test.

So, I went on to Warp's Discord to ask what's going on, and sure enough, their "Friendly support bot" and I discovered that.

> Warp has introduced features like Prompt Suggestions and Next Command that use LLMs to provide contextual suggestions. These features are part of Warp's Active AI system, which proactively recommends fixes and next actions based on your terminal session, including errors, inputs, and outputs.

"Proactively" here also means without explicit user consent.

I did enjoy Warp, but that breach of trust is so enormous I'm removing it just now.

This tells volumes about ethics and what's important.

Ref: https://docs.warp.dev/agents/active-ai

16 comments

[ 3.2 ms ] story [ 36.4 ms ] thread
I'm sorry but this should have been obvious once the "terminal" asks you to authenticate to a remote account. Yeah, thanks but no thanks.
very concerning.
Both Prompt Suggestions and Next Command are settings you can disable.
I tried Warp once. Well, tried to install it. But when I ran it, instead of giving me a terminal, it showed me a login prompt. Perhaps I mistakenly downloaded a login prompt app instead of a terminal app? ;) Either way, I promptly uninstalled it as I needed a terminal app and not whatever that was.
It’s absolutely insane they managed to raise 50M dollars. Now they’re shooting for a desperate AI pivot that no one wants.
Anyone got a recommendation for a replacement? I'm currently using Warp and the history/context-aware autocomplete-on-meth is nice, but I don't use any of the new agentic features.
So does every AI agent such as Claude Code. I’ll take the privacy risk for the 10x increase in productivity. To help mitigate the security risk I will be encrypting environment files and rotating secrets far more often.
Yeah I had such high hopes for Warp before it launched and then it's slowly enshittified. Turns out Ghostty was what I wanted all along.
Isn't the express purpose of Warp to be an AI-centric terminal? What's the use case for doing stuff in Warp that you don't want sent to an LLM vs. using a regular terminal?
Terminal is the only app where you don't want any AI/Cloud integration, trust me
Warp must be hemorrhaging all of their cash if they stoop so low as to try to scam _developers_

Bye bye, Warp. Trash product. Trash leadership.

> Wonder how being used feels like?

It’s a VC backed company. You should already know what it feels like

I just use a basic script which runs the terminal text i type and replaces the current text buffer with AI suggested on when i hit a key combo.
Yeah, its well known that Warp is a terminal that tries to harvest your command line executions and all keypresses.

I've been recommending to people, if you had Warp installed and accidentally typed in or viewed secrets or passwords in it, you may wish to change your passwords and secrets as they are now part of an LLM training set.

Many companies have banned AI tools like Warp due to the inherent security risk.

random aside but i wish warp supported atuin