You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
chore: add security notice for --dangerously-skip-permissions in Claude module (#116)
Let's be upfront about how our module works so operators/template
authors can evaluate the security implications.
Signed-off-by: Danny Kopping <[email protected]>
Copy file name to clipboardExpand all lines: registry/coder/modules/claude-code/README.md
+5Lines changed: 5 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -22,6 +22,11 @@ module "claude-code" {
22
22
}
23
23
```
24
24
25
+
> **Security Notice**: This module uses the [`--dangerously-skip-permissions`](https://docs.anthropic.com/en/docs/claude-code/cli-usage#cli-flags) flag when running Claude Code. This flag
26
+
> bypasses standard permission checks and allows Claude Code broader access to your system than normally permitted. While
27
+
> this enables more functionality, it also means Claude Code can potentially execute commands with the same privileges as
28
+
> the user running it. Use this module _only_ in trusted environments and be aware of the security implications.
29
+
25
30
## Prerequisites
26
31
27
32
- Node.js and npm must be installed in your workspace to install Claude Code
0 commit comments