Claude Code nails developer experience. But as capabilities grow, so does complexity. The best tools disappear - they don't become things you have to manage.
Claude installed every CLI, prompted me to login once, then went into autopilot.
Claude asked if it could SSH into my Hetzner instance to investigate. I said yes.
I’m all for AI tools—but I have security issues with letting anything in like this. Even if it worked once, they change things. Each update requires its own investigation to see if the outcome is the same.
It’ll ask you before running every command. It’s not just running blindly, unless you let it do so.
Sounds like this person let it. But still, what if the command is long, lots of arguments, pipes, and confusing commands?
I think most people would probably just allow it. I’m not saying I wouldn’t… but this all makes me very nervous, because it fails in small ways pretty often.
I always read the whole command, otherwise it could do whatever. I generally let it have read+write access in the project directory (it’s in git anyway) and manually review every command it wants to run.
I think of it like this.
Would you give full access to some other person that you:
No to all of the above.
Humorously, I started a new job about a year ago, and they still won’t give me SalesForce access, yet some of my job is integration. But, my 1up has no problem letting AI have full access to the API. 😤
The silver lining is I can say “gosh I don’t have access” to avoid working with SalesForce.
Guess I have been gifted with pretty reasonable 1ups, as far as the work part goes.
Problems mostly were with the 2ups and 3ups.
In a company that I had left before, to shift to only get work that could be WFH’d, a new policy came up in which people could not read documents in general, regardless of their origin.
So when I told the dev (the one who took my place) that they could find a document required to make a query, in some specific place on the local drive of a computer that I had set up, they said that it would be a problem.
And that was after me having set up doxygen and all related practices of adding comments to create documentation and set up a local server and CI/CD[1] to deploy the documentation on it.
[1] fancy words for a shell script :P
My 1up has been working by himself for the last 10 years, so he has trust issues and trouble working with differing code opinions. I would fight for more control, but honestly after 20 years in this industry, I’m perfectly fine doing only what is assigned to me.
Except when they tell you to start using a new library, but you can’t read documentation.
And finish the feature within the day.
I tell them I can’t and why. Put it back on their plate. Just make sure every communication is documented in text. If they fire me, unemployment is a great 6 month vacation. 😅