Claude in Chrome

(claude.com)
296 points ianrahman | 3 comments
yoan9224 No.46346559
The security concerns here are valid, but I think people are missing the practical reality: we've already crossed the Rubicon with tools like Claude Code and Playwright MCP.

I've been running Claude Code with full system access for months - it can already read files, execute bash, git commit, push code. Adding browser automation via an extension is actually less risky than what we're already doing with terminal access.

The real question isn't "should we give AI browser access" - it's "how do we design these systems so the human stays in the loop for critical decisions?" Auto-approving every action defeats the purpose of the safety rails.

Personally, I use it with manual approval for anything touching credentials or payments. Works great for QA testing and filling out repetitive web forms.

replies(4): >>46346660 #>>46346909 #>>46347106 #>>46348100 #
1. jazzyjackson No.46346660
I would personally feel a lot better with a container-first approach, like attaching an LLM to QubesOS windows, so the non-deterministic chaos monkey can only affect what you want them to affect.

This is easy enough with dev containers but once you let a model interact with your desktop, you should be really damn confident in your backup, rollback, and restore methods, and whether an errant rm rf or worse has any way to affect those.

IME even if someone has a cloud drive and a local external drive backup they've never actually tested the recovery path, and will just improvise after an emergency.

A snapshotted ZFS system pushing to something like rsync.net (which also stores snapshots) but I don't know of any timemachine-in-a-box solutions like Apple offers (is there still a time machine product actually? Maybe it's as easy as using that, since a factory reset Mac can restore from a time machine snapshot)

replies(1): >>46347533 #
2. what-the-grump No.46347533
People are using these tools to write code, complete tasks, etc. Your worry is that what... It will rm -rf /* something?

I am not trying to be funny, but Claude itself is smart enough to catch destructive actions and double check. It's not going to wake up and start eating your machine. Googling a random script and running it, which is what a lot of people do, in many cases leads to worse outcomes; here at least you can ask the model what might happen to my computer.

replies(1): >>46348013 #
3. jazzyjackson No.46348013
Pushing your repo is all well and good, I just don't understand why someone would expose their user files on a personal machine.