Why sandboxing coding agents is harder than you think

2 points, posted 14 days ago
by martinald

3 Comments

chrisjj

14 days ago

> Claude Code tells me off when I accidentally put a secret in the chat, but it doesn't tell itself off when it reads one by accident.

Perhaps it does. How would we know?

martinald

14 days ago

It tells you to rotate secrets (sometimes) if you put them in the chat. I've never seen it say we need to rotate them if _it_ reads them.

chrisjj

14 days ago

That means only it doesn't tell us.