Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I recommend caution with this bit:

  --bind "$HOME/.claude" "$HOME/.claude"
That directory has a bunch of of sensitive stuff in it, most notable the transcripts of all of your previous Claude Code sessions.

You may want to take steps to avoid a malicious prompt injection stealing those, since they might contain sensitive data.



Heya- The reason I add this directory is because Claude needs read/write permissions for getting new auth tokens.

Without this, you'll have to re-login to Claude every time. Breaks the speed of development.

I'm going to do some experimenting to see if I can make this bind more precise.


I think that the rw directories should not be shared among projects. Maybe there should be separate copies even for what gets mounted into $HOME/.nvm


Wonderful insight! Thank you!




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: