SAK_ATAK 2 hours ago

I don't understand how this is gonna fly for enterprise security and compliance. Claude needs to inherit permissions from somewhere, and those permissions will never align with the members of a Slack channel. And finding the lowest common denominator of access probably results in a dumbed-down, useless experience.

The only way it works is if customers truly start treating agents as humans with the same liability as an employee.

KptMarchewa 5 minutes ago | parent | next [-]

What permissions? I believe this does not actually _modify_ anything, just creates PRs. _Humans_ merge them.

mukbangpervert 35 minutes ago | parent | prev | next [-]

Meanwhile, at an actual enterprise, we have lots of Slack channels where membership is controlled by an LDAP group... so this would be a non-issue.

kylecazar an hour ago | parent | prev | next [-]

An admin scopes permissions on a per-channel basis. It doesn't allow external actions until an owner specifically provisions that tool for that channel. I think.

But people can be invited to a channel after @Claude is provisioned. So yeah, I suppose you'll need to be deliberate about channel memberships.

deadbabe 37 minutes ago | parent [-]

Which is a bad pattern. Around here, you can be granted access to most channels just with vague reasons for why you need to be in there. This is a disaster. Culture will degrade. Suspicions will grow. Security theater.

pants2 an hour ago | parent | prev [-]

I built something similar at my org. Users simply connect the agent via OAuth and that inherits all of their permissions, so it acts as them.

What's cooler is then it can view/add/remove people from channels, so it can conduct access reviews -- overall I consider it a security improvement.