Comment by aantix
1 day ago
Has anyone run with `dangerously skip permissions` and had something catastrophic happen?
Are there internal guardrails within Claude Code to prevent such incidents?
rm -rf, drop database, etc?
1 day ago
Has anyone run with `dangerously skip permissions` and had something catastrophic happen?
Are there internal guardrails within Claude Code to prevent such incidents?
rm -rf, drop database, etc?
I don't know about Claude Code, but here's my story. With Replit, I have a bunch of tasks that I want Replit to do at the end of a coding session -- push to Github, update user visible Changelogs, etc. It's a list in my replit.md file.
A couple of weeks ago I asked it to "clean up" instead of the word I usually use and it ended up deleting both my production and dev databases (a little bit my fault too -- I thought it deleted the dev database so I asked it to copy over from production, but it had deleted the production database and so it then copied production back to dev, leaving me with no data in either; I was also able to reconstruct my content from a ETL export I had handy).
This was after the replit production db database wipe-out story that had gone viral (which was different, that dev was pushing things on purpose). I have no doubt it's pretty easy to do something similar in Claude Code, especially as Replit uses Claude models.
Anyway, I'm still working on things in Replit and having a very good time. I have a bunch of personal purpose-built utilities that have changed my daily tech life in significant ways. What vibe coding does allow me to do is grind on "n" of unrelated projects in mini-sprints. There is personal, intellectual, and project cost to this context switching, but I'm exploring some projects I've had on my lists for a long time, and I'm also building my base replit.md requirements to match my own project tendencies.
I vibe coded a couple of things that I think could be interesting to a broader userbase, but I've stepped back and re-implemented some of the back-end things to a more specific, higher-end vibe coded environment standard. I've also re-started a few projects from scratch with my evolved replit.md... I built an alpha, saw some issues, upgraded my instructions, built it again as a beta, saw some issues... working on a beta+ version.
I'm finding the process to be valuable. I think this will be something I commit to commercially, but I'm also willing to be patient to see what each of the next few months brings in terms of upgraded maturity and improved devops.
Claude Code has minimal internal guardrails against destructive operations when using --dangerously-skip-permissions, which is why it's a major security risk for production environments regardless of how convenient it seems.
An over eager helm update lead to some "uh oh, I hope the volume is still there" and it was. Otherwise no, haven't had anything bad happen. Of course, it's just a matter of time, and with the most recent version it's easy to toggle permissions back on without having to restart Claude Code, so for spicy tasks I tend to disable YOLO mode.
It commits sometimes when I'm not ready, that's about it.
I run it locally all the time. Nothing catastrophic happened so far.