alt Hacker NewsUsing Claude Code and Amp (free mode) with no sandbox.
I don't run Claude Code in YOLO mode, I just approve commands the first time I'm asked about them.
Using them since July I haven't found any problem with data loss and the clanker have not tried to delete my $HOME.
I do similar but it's incredible how our threat model has changed so much to allow this. I have to trust this one node package (and all its dependencies) and Anthropic more than I trust my email provider, my ISP or my browser.
Who'd have imagined remote code execution as a service would have caught on as much as it has!