Tags
Here's my thought on 💭 A quote from Claude
damn this is a rough one. A users entire home directory removed by claude code from an rm command.
rm -rf tests/ patches/ plan/ ~/
Reading the first half of that command it LGTM. If you had approved rm, you are hosed. If this is inside a larger script its running, you really gotta read close. This one still feels pretty obvious, but I can imagine some bash doing some nasty things I miss if I read it and understand it let alone glance at it.
I'll take this as a reminder that I really need to be paying full-ass attention to agents, and moving towards a better sandbox for them, something in docker, maybe something like distrobox that is a magic wrapper over podman that just gives you the things you need for what it does. Something that starts up with access to start web servers, run agentic cli of choice, see project, git commit. It feels like the right thing has a lot of what distrobox does, but distrobox has too much and would be prone to this using it as I've used it in the past.
Note
This post is a thought. It's a short note that I make about someone else's content online. Learn more about the process thoughts
This post was a thought by Waylon Walker see all my thoughts at https://waylonwalker.com/thoughts