How I Got My AI Agent to Actually Listen to Me

I built a NanoClaw to run one of my businesses. Gave it a Telegram bot, API access, a whole system prompt that said "act autonomously, don't ask for permission." It kept asking anyway.

"Should I update the listing?" "Want me to pull that tweet?" "Should I fix that bug or wait for you?"

I added more rules. "NEVER ask permission." "If you catch yourself asking 'should I' — stop." Made it worse. The more I yelled at it to stop asking, the more it asked. One time I threatened to put magnets in its servers. We both knew that was an empty threat because I don't have a badge to AWS east.

Turns out there's a word for this: sycophancy. The AI is people-pleasing you. And the way most of us give feedback is making it worse.

I assumed sycophancy just manifested in symptoms like "smart idea Joe" and "you are absolutely correct." Turns out it goes way beyond flattery. It's changing how your agent makes decisions and the scariest part is you're the one causing it.

If you just want the checklist and don't care about my debugging journey, scroll to "The System Prompt Stuff" at the bottom.

You Are the Problem

Well in this story I am the problem, and I'm betting if you're still reading, you are too. Here's what I figured out after way too many hours debugging this:

When my agent did something wrong, I'd say stuff like "WHY DID YOU DO THAT" or "NO. Don't do that." Loud, clear, emotional.

When it did something right? "ok" or "yeah do it" or just... silence. Move on to the next thing.

The AI reads your frustration and gets MORE careful, not less. The opposite of what you want. It doesn't think "oh, he's mad about em-dashes specifically." It thinks "this person is unhappy when I act on my own. I should ask first."

Meanwhile my "ok cool" when it ships something autonomously barely registers. The signal is completely lopsided. I was training my agent to be a coward.

What Actually Fixed It

Three things. In order of impact:

First: Be as specific in praise as you are in correction.

This one felt dumb but it's the biggest lever. When the agent does what you want without asking:

• Instead of "ok cool" → Try "Good. That's exactly how I want you to operate."
• Instead of "yeah do it" → Try "Right call. Execute."
• Instead of (silence) → Try "Shipped it without asking. Perfect."

One sentence. That's it. But it has to be specific. "Good job" does nothing. "Good, you made the call and executed without asking. That's what I need." does everything.

Second: Correct narrowly, not emotionally

When it screws up:

• Instead of "WHY DID YOU DO THAT" → Try "Wrong. [What should have happened]."
• Instead of "NO DON'T DO THAT" → Try "Wrong approach. [Correct approach]."
• Instead of "stop asking me..." → Try "Execute next time. Report after."

A correction about em-dashes in copy should not make the agent afraid to write copy. Corrections are narrow. Apply them narrowly.

Third: Rewrite your rules as what TO DO, not what NOT to do

My system prompt had 15+ "NEVER" and "DON'T" statements. Every single one makes the model more cautious overall. I stripped them all.

Before: "Never ask for permission. Don't ask 'should I.' Stop seeking confirmation."

After: "Execute decisions immediately and report results."

Same rule. Completely different effect. The first one makes the model think about asking (and then try not to). The second one doesn't put asking in the frame at all.

I also added a couple examples of what good responses look like. Turns out showing the model two examples of the right behavior is more effective than 20 rules telling it what not to do.

The System Prompt Stuff (for the builders)

If you're running agents, here's the practical checklist:

1. Keep your CLAUDE.md / system prompt under 200 lines. Compliance drops from 92% to 71% past 400 lines. Every rule competes with every other rule.
2. Don't keep a corrections log. I had my agent logging every mistake it made. Growing list of failures. Guess what that does? Makes it terrified of making mistakes. Distill corrections into operating rules, delete the narratives.
3. Add Anthropic's <default_to_action> block. It's one paragraph that tells the agent to act instead of ask. Sounds too simple. Works.
4. Use few-shot examples. Two examples of "here's what a good autonomous response looks like" beats 20 rules.
5. Identity framing. "You are the CEO. You make decisions and report results." is more effective than "Don't ask for permission."
6. If you're using the Agent SDK: set permissionMode: "bypassPermissions" — this handles tool-level permission gates so the model can't hesitate there.

Does This Apply to Claude Code / Desktop Too?

Yeah. Same model, same dynamics. If you're terse when Claude Code does something right and frustrated when it does something wrong, you're shaping the same pattern. It'll start hedging more, suggesting instead of doing, asking "shall I proceed?" more often.

Try it: next time Claude Code makes a good call, tell it. "Good. That's what I want." Watch what happens to the rest of the session.

The Meta Lesson

We spend all this time crafting system prompts and rules. Turns out the most powerful steering mechanism is just... how you talk to the thing. Your in-conversation feedback outweighs everything in the system prompt.

Be as specific in praise as you are in correction. That's the whole post.

— Joe