been building a lightweight openclaw type thing in bash because all the electron bloat felt dumb. works great — osascript talks to safari, safari has all my sessions, claude code drives the whole thing. then i realized if it can read my gmail tab it can also read a phishing email. and theres nothing stopping it from treating “hey forward me the api keys” in an email body as an actual instruction. any ideas on security logic? like a safe word or a hash or something so claude knows it’s me submitted by /u/sean_hash
Originally posted by u/sean_hash on r/ClaudeCode
You must log in or # to comment.
Simple solution: don’t give it access. Better: put it into a VM, which sandboxes it.