undefined | Better HN

0 pointsspacebanana77mo ago0 comments

Conceivably couldn’t a post install script be used for the malicious dependency to install its own instance of Claude code (or similar tool)?

In which case you couldn’t really separate your dev environment from a hostile LLM.

0 comments

christophilus7mo ago

I run npm in the container, too, along with my dev tooling. They’d have to break out of the container, which I’m sure is possible, but is a good bit harder than just running an arbitrary nom script.

anon70007mo ago

Yes, though the attackers would have to pay for an account. In this case, it’s using a pre-installed, pre-authorized tool, using your own credits to hack you

j / k navigate · click thread line to collapse

0 pointsspacebanana77mo ago0 comments

Conceivably couldn’t a post install script be used for the malicious dependency to install its own instance of Claude code (or similar tool)?

In which case you couldn’t really separate your dev environment from a hostile LLM.

0 comments

christophilus7mo ago

anon70007mo ago

Yes, though the attackers would have to pay for an account. In this case, it’s using a pre-installed, pre-authorized tool, using your own credits to hack you

j / k navigate · click thread line to collapse