mccBy the way, if you go to https://github.com/claude and "block this user", every Github repo you visit containing code credited to Claude will actually have a warning sigil
CF
Erin Jonaitis@mcc interesting. I’m not sure about the sensitivity of this as a marker; when I go to a repository I use a lot, I don’t see this banner, but I do see a recently edited folder called .claude — am I misunderstanding when I assume that means some of the code has been written by this tool?
@emjonaitis The marker appears whenever a git commit is created with the "co-authored-by" label. This is something claude can be configured to not create:
Moreover, one assumes that this only occurs when claude actually *performs the commit*. I would assume there are means of using claude where claude changes the code on disk and then the co-authored-by does not appear. Unfortunately, I don't know how to get an answer to that question without talking to a claude user
@emjonaitis The .claude directory is, *as far as I know* (again, this is partially assumptions) configuration for claude to help it work with the codebase. Anyone who adds such a directory is essentially *inviting* claude commits. However technically they might not be using it to create code, they technically could be using it to answer questions about the codebase. Technically. One assumes this results in as much global warming as using it to write code however.
Kevin Granade@mcc @emjonaitis unless they are using it to poison the agents in question. I'm not poisoning a .claude directiory but I am poisoning a .github/copilot-instructions.md (we actually started getting some copilot-agent spam)
I do think I'd be a lot more hesitant to put an anti-agents node in the root directory since it would be more likely to be seen but not read, but also my software isn't a piece of infrastructure where people are looking at using it in that way.
I do think I'd be a lot more hesitant to put an anti-agents node in the root directory since it would be more likely to be seen but not read, but also my software isn't a piece of infrastructure where people are looking at using it in that way.
@kevingranade @emjonaitis yes, that's a frustrating problem, that the directory is slightly more likely to ward off anti-ai folks than it is "code assistants". one thing someone suggested is that if the commit message for the agents file says "block agents" or something the humans might notice this, but that assumes they're using something like github (which i think hides dotfiles anyway) and not just noticing a directory on their computer
@mcc @emjonaitis maybe touch files that will lexicographically sort next to it with names like .claude_DIRECTORY_IS_A_POISON_PILL
@kevingranade @emjonaitis Part of the problem is I do not know for a fact whether any one mitigation will be accepted by a "code assistant" without installing and activating a "code assistant", a thing I will not do. So like if it turns out it checks in .claude but not in .claude_poison, then maybe creating the .claude_poison directory creates the inconvenience of directory junk without having the effect I want.
@mcc @emjonaitis yea, in this specific case it's built into github so you can't *not* have it "installed", but that is a problem.
When we were adding it some people were proposing we add a bunch of different agent files, but when asked weren't actually testing them so what's the point.
Best answer I can come up with is someone takes it on as a infosec-style project and publishes a repo of agent poison pills you can simply incorporate.