←back to thread

What makes Claude Code so damn good

(minusx.ai)
469 points samuelstros | 2 comments | 23 Aug 25 19:07 UTC | HN request time: 0.001s | source
1. noduerme ◴[24 Aug 25 10:00 UTC] No.45002908[source]
Claude Code has definitely attracted me as in, I would like to try it on a new project. But just speaking as a lone coder, it absolutely terrifies me to give something access to my whole system and CLI. I have one main laptop and everything is on it. All my repos and API keys and SSH keys, my carefully tuned dev environment...I have no idea what it might read or upload, let alone what it might try to execute. I'm tempted enough to try it that I might set up a completely walled-off virtual machine for the purpose, but then I don't know how much benefit I'd get from it.

Do you just let it run rampant on your system and do whatever it thinks it should, installing whatever it wants and sucking all your config files into the cloud or what?

replies(1): >>45004221 #
2. furyofantares ◴[24 Aug 25 13:47 UTC] No.45004221[source]
By default you have to approve every command it runs. I think most people end up allowing certain tools through unconditionally, like grep, but which is technical not bullet proof but feels pretty safe. The agent program also has some guardrails to prevent the model from working outside of the working directory you launched it from, that is also not bulletproof but in practice works pretty well.

You could set up a docker image and run it in that if you wanted.