Claude Code literally runs on your host machine and can run arbitrary commands.

The fact that these agents are shipped without sandboxing by default is insane and says a lot about how little these orgs value security.

Yes, but at least Claude Code targets developers.

It's a lot like the install instructions you see for libraries: curl ... | sh

Security nightmare, disaster waiting to happen. Luckily normal users never do that so it hasn't broken the mainstream and developers "should" know better. So that's why nobody cares that they do it.

I think the implication is that developers "should" be smart enough to run Claude code in some kind of container or VM already with the rest of their dev tools. Kind of like how developers "should" be thoroughly reading an install script before piping it into a shell.

Do they? Probably not.

Claude Code expects to be running on the host machine; it's insecure by design.

You can containerize it, which I do, but then you are going to need to spend some time updating claude.md and constantly fighting the agent because it fails to understand that it is running in a container / VM.

It's a stupid design, and the people running these things directly on their hosts are nuts.