Ask HN: How comfortable are we with agents everywhere?
12 hours ago
I just installed Zed editor, it prompts me if I want to use Claude. I say yes, it opens a side bar. I ask it "What files can you see?" It runs a series of ls commands and shows me my whole home dir. Including private ssh keys. (It was a free version of Claude, I didn't enter any credentials.)
How do we feel about this? Sure, any program can do anything weird, scan for my files etc. But somehow these agents can really do unexpected stuff. When do they decide something has to be uploaded to Anthropic? What happens there? People consider dropping sensitive data into Chat windows in browsers as data leaks, what is this?
I don't know how to feel...
I just finished writing down an "incident" in our quality manual. I used Claude Code on my /etc/nixos dir and there were some plain text SMB credentials in that dir. I felt pretty bad about it. Then I try Zed and this happens.
Is it all just about trusting Anthropic? As it is with any (non-sandboxed) app? Am I over-reacting?