We use both together. In practice, for containers to be useful, you often have to punch some holes: GitHub, Anthropic API, kube, other MCPs. Auto mode makes interacting with these safer. It significantly reduces the risks of accidental data deletion, exfiltration, and prompt