Open
Labels
enhancement (a request to improve CLI), more-info-needed (More info needed from user/contributor), needs-triage (needs to be reviewed)
Description
Link to issue for design submission
N/A
Proposed Design
Considering that the gh CLI is a very comfortable tool to use with AI agents, more and more engineers install it on their machines and give it permissions. However, it's not safe, in my opinion, especially considering recent leaks and vulnerabilities in NPM that used the gh CLI to compromise the repos of engineers.
Considering that, I think we need to add an additional confirmation mechanism to "write" commands of the gh CLI, such as PR creation or pushing the code, etc. That is, we would have a config in the system that would require an additional user confirmation for such commands.
Please let me know what you think about it, and maybe such a mechanism already exists in some variant. Thank you!