alt Hacker NewsI mean, it depends on what you're doing but I force claude to always commit code every time it finishes a todo. It never seems to stop doing that, so I run it in dangerous mode on Zed. I get to review the code after the fact anyway.
Replies
pluralmonad • yesterday at 7:17 PM
The danger there is not that it commit bad things, but that as part of working the task it gets tricked into sending your env/secrets/credentials to prompt injectors. That would not show up in your commit diff.
Edit: At the very least, I would not allow it to do indiscriminate web searching.
The risk isn’t that it makes weird commits; it’s that it may decide to clean up stuff and delete more than desired.
- https://github.com/anthropics/claude-code/issues/4331
- https://github.com/anthropics/claude-code/issues/7787
- https://news.ycombinator.com/item?id=46268222