Giving sudo permissions to an agent seems reckless. Claude gets his own unprivileged UNIX account, no more. I don't bother with containers or VMs however.
Giving sudo permissions to an agent seems reckless. Claude gets his own unprivileged UNIX account, no more. I don't bother with containers or VMs however.
I mean, what's the worst that can happen? A complete takeover of the box by a hacker via prompt injection or something similar?