Antony MarcanoFeb 19

I've said this before, please use a container for your AI coding assistant(s)! It's not just about what it can do to your filesystem...

I've spoken to so many devs this week who aren't using a container!

Remember, it can also access all of your environment variables. API keys? Other secrets?

And then there's Slopsquatting, before you know it, you've got malware installed.

In a container, the blast radius is limited.

e.g: https://code.claude.com/docs/en/devcontainer

Show threadmrangeFeb 19
@antonymarcano but why don't anthropic and MS ship it in a container? It seems the product isn't ready?
Show threadAntony Marcano

@range_marten I cannot say, however, I can speculate that people may want to containerise it in their own ways suited to their environments.

They do provide links to a reference container that you can use.

Feb 19 at 3:23pmWeb
Show threadmrangeFeb 21
@antonymarcano Thanks. Will check it out