Hacker News

3265 readers

396 users here now

Posts from the RSS Feed of HackerNews.

The feed sometimes contains ads and posts that have been removed by the mod team at HN.

founded 1 year ago

MODERATORS

patrick@lemmy.bestiver.se

rssbot@lemmy.bestiver.se

Claude Code's DX is too good. And that's a problem (www.bharath.sh)

submitted 6 days ago by rssbot@lemmy.bestiver.se to c/hackernews@lemmy.bestiver.se

11 comments fedilink hide all child comments

Comments

you are viewing a single comment's thread
view the rest of the comments

[–] velindora@lemmy.cafe 4 points 6 days ago (9 children)

Claude installed every CLI, prompted me to login once, then went into autopilot.

Claude asked if it could SSH into my Hetzner instance to investigate. I said yes.

I’m all for AI tools—but I have security issues with letting anything in like this. Even if it worked once, they change things. Each update requires its own investigation to see if the outcome is the same.

[–] Shadow@lemmy.ca 1 points 6 days ago (1 children)

It'll ask you before running every command. It's not just running blindly, unless you let it do so.

[–] velindora@lemmy.cafe 1 points 6 days ago (1 children)

Sounds like this person let it. But still, what if the command is long, lots of arguments, pipes, and confusing commands?

I think most people would probably just allow it. I’m not saying I wouldn’t… but this all makes me very nervous, because it fails in small ways pretty often

[–] rikudou@lemmings.world 2 points 6 days ago

I always read the whole command, otherwise it could do whatever. I generally let it have read+write access in the project directory (it's in git anyway) and manually review every command it wants to run.

load more comments (7 replies)