Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

    > A malicious AI could just add arbitrary code to your Vagrantfile
    > [...]
    > Claude could decide to fix/improve something by adding a commit hook.
You can fix this by confining Claude to a subdirectory (with Docker volume mounts, for example):

    repository/
    ├── sandbox <--- Claude lives in here
    │   └── main.py <--- Claude can edit this
    └── .git <--- Claude can not touch this


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: