theptip 6 hours ago

It’s a risk/convenience tradeoff. The biggest threat is Claude accidentally accesses and leaks your SSL keys, or gets prompt-hijacked to do the same. A simple sandbox fixes this. There are theoretical risks of Claude getting fully owned and going rogue, and doing the iterative malicious work to escape a weaker sandbox, but it seems substantially less likely to me, and therefore perhaps not (currently) worth the extra work.
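As an added illustration of what the "simple sandbox" in the comment above could look like (this is example code, not something posted in the thread): a bubblewrap (bwrap) launcher that leaves only the project directory writable, mounts the rest of the filesystem read-only, and covers the directories that hold private keys with empty tmpfs so an agent process cannot read them by accident or on instruction. It assumes bwrap is installed, that key material lives in `$HOME/.ssh` and `/etc/ssl/private` (override with `SANDBOX_SECRET_DIRS`), that those directories exist on the host, and that none of the paths contain whitespace. Network stays shared because an agent usually needs its API endpoint.

```shell
#!/bin/sh
# Example filesystem sandbox for an agent process, built on bubblewrap (bwrap).
# Not from the thread; assumptions: bwrap installed, secret dirs exist on the
# host, paths contain no whitespace. Usage: sandboxed_run /path/to/project cmd args...

# Directories whose contents must never be visible inside the sandbox.
SECRET_DIRS="${SANDBOX_SECRET_DIRS:-$HOME/.ssh /etc/ssl/private}"

# Print the bwrap options, one per line, for a given project directory.
# Kept separate from execution so the policy can be inspected (and tested)
# without bwrap being present.
sandbox_opts() {
    project=$1
    printf '%s\n' --ro-bind / / --dev /dev --proc /proc \
                  --unshare-all --share-net --die-with-parent
    for d in $SECRET_DIRS; do
        printf '%s\n' --tmpfs "$d"        # empty tmpfs shadows the real directory
    done
    printf '%s\n' --bind "$project" "$project" --chdir "$project"
}

# Policy query: is PATH (or one of its parents) shadowed by the sandbox?
# Returns 0 if hidden, 1 if the agent would be able to see it.
sandbox_hides() {
    path=$1
    for d in $SECRET_DIRS; do
        case $path in
            "$d"|"$d"/*) return 0 ;;
        esac
    done
    return 1
}

# Launch CMD inside the sandbox, after verifying from the inside that every
# secret directory really does look empty. A misconfigured mount order is the
# classic way such a sandbox silently fails, so check before trusting it.
sandboxed_run() {
    project=$1; shift
    command -v bwrap >/dev/null 2>&1 || { echo "bwrap not installed" >&2; return 127; }
    for d in $SECRET_DIRS; do
        n=$(bwrap $(sandbox_opts "$project") -- sh -c "ls -A '$d' | wc -l")
        [ "$n" -eq 0 ] || { echo "refusing to start: $d is visible in sandbox" >&2; return 1; }
    done
    bwrap $(sandbox_opts "$project") -- "$@"
}
```

The self-check in `sandboxed_run` matters more than the option list: bwrap applies mounts in order, so a `--bind` placed after the `--tmpfs` lines would re-expose a key directory, and the only way to know the policy holds is to look from inside the namespace before handing control to the agent. This addresses the accidental-access and prompt-injection cases the comment describes; it does nothing about a process that escalates out of the namespace, which is exactly the distinction the reply below draws.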
bjackman 4 hours ago | parent

How does a simple sandbox fix this at all? If Claude has been prompt-hijacked you need a VM to be anywhere near safe.