Hacker News (AI keywords)Jun 4, 2026, 12:27 AMjbredeche重要 74

How we contain Claude across products

Original: The ways we contain Claude across products

Anthropic explains how it limits Claude agents’ blast radius across claude.ai, Claude Code, and Claude Cowork.

Anthropic describes containment as the core security strategy for increasingly capable Claude agents. The post compares ephemeral containers for claude.ai, OS-level sandboxing and approvals for Claude Code, and VM isolation for Claude Cowork. It also details missed risks, including pre-trust project config execution, user-delivered prompt injection, exfiltration through approved domains, and reduced enterprise visibility inside VMs.

想看英文原文 / 完整內容?

前往 Hacker News (AI keywords) 原文 →

相關

claudeclaude-aiclaude-codeclaude-coworkmcp#agent-security#sandboxing#prompt-injection#vm-isolation#egress-control

摘要由 AI 整理,以原文為準。