As I think about how command line AI tools can be used, I know it's already a bit of the wild west not disimilar to the way we install npm modules. I've seen a bit of writing about how these tools should be run in a controlled sandbox (because they can mess with the surroudning environment), and this is a nice digestable post with working examplse of Dockerfiles.
Source: thingsithinkithink.blog