CER10TY 6 days ago

Personally, I'd expect Claude Code not to have such far-reaching access across my filesystem if it only asks me for permission to work and run things within a given project.

zingababba 5 days ago

Apparently they were using --dangerously-skip-permissions, --yolo, --trust-all-tools etc. The Wiz post has some more details - https://www.wiz.io/blog/s1ngularity-supply-chain-attack

CER10TY 5 days ago

That's a good catch. I knew these flags existed, but I figured they'd require at least a human in the loop to verify, similar to how Claude Code currently asks for permission to run code in the current directory.

echelon 5 days ago

This confusion is even more call for a response from these companies.

I don't understand why HN is trying to laugh at this security and simultaneously flag the call for action. This is counterproductive.

TheCraiggers 5 days ago

Probably because "HN" is not an entity with a single mind, but rather a group of millions each with their own backgrounds, experiences, desires, and biases?

Frankly it's amazing there's ever a consensus.