441 points longcat | 2 comments
snovymgodym ◴[] No.45039484[source]
Claude Code is by all accounts a revolutionary tool for getting useful work done on a computer.

It's also:

- a NodeJS app

- installed by curling a shell script and piping it into bash

- an LLM that's given free rein to mess with the filesystem, run commands, etc.

So that's what, like 3 big glaring vectors of attack for your system right there?

I would never feel comfortable running it outside of some kind of sandbox, e.g. VM, container, dedicated dev box, etc.

sneak ◴[] No.45039684[source]
None of this is the concerning part. The bad part is that it auto-updates while running without intervention - i.e. it is RCE on your machine for Anthropic by design.
jpalawaga ◴[] No.45039873[source]
So we’re declaring all software with auto-updaters as RCE? That doesn’t seem like a useful distinction.
skydhash ◴[] No.45040086[source]
That’s pretty much the definition. Auto updating is trusting the developer (almost always a bad idea).
mr_mitm ◴[] No.45040385[source]
Simply running the software means trusting the developer. But even then, do you really read the commits comprising the latest Firefox update? How would I review the updates for my cell phone? I just hit "okay", or simply set up auto updates.
skydhash ◴[] No.45040445[source]
I trust Debian, and I do trust Firefox. I also trust Node, NPM, and Yarn. But I don’t trust the myriad packages in some rando projects. So who I trust got installed by apt. Anyone else is relocated to a VM or some kind of sandbox.
1. mr_mitm ◴[] No.45043345[source]
So your issue isn't related to auto updates at all, not even "almost always".
2. skydhash ◴[] No.45043429[source]
Apt doesn't autoupdate.