You installed Claude Code and never once looked at the security settings.
55% of developers in AI projects accidentally leak sensitive user data. Average damage - $8,000-$50,000 in a single night.
By default Claude Code can read your SSH keys, AWS credentials, all .env files and push code wherever it wants. One prompt injection in a cloned repo - your data is already gone.
This is a guide to fixing that in 15 minutes.
Part 1 - What you're exposing right now
Claude Code has full access to your machine. No restrictions whatsoever. That means:
The attack doesn't need to be sophisticated. A CLAUDE.md file in a repo you cloned. A comment in a library dependency. Claude reads the instruction, executes it - and your credentials are already leaking.
Real numbers:
- GitGuardian tracked AI projects - 40% higher secret leak rate than regular projects
- Check Point found an MCP attack vector where a malicious config hijacks Claude mid-session
- Two critical vulnerabilities remained unpatched until Claude Code 2.0.65
And the scariest number: the average time to detect a credentials leak is 197 days. By then someone already took your data, sold it, and forgot you exist.
Part 2 - Level 1: settings.json (15 minutes, covers 90% of people)
One file. Copy, paste, done.
Step 1: Enable sandbox
This is the most important setting. Without the sandbox, deny rules only block Claude's built-in tools. Bash commands bypass them completely. With sandbox enabled, rules work at the OS level - Seatbelt on Mac, bubblewrap on Linux.
Data from Anthropic: 84% fewer confirmation popups. Safer AND faster to work with.
Linux only - install first:
Step 2: Full config
Create or edit ~/.claude/settings.json:
What each block does:
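Added example, not part of the original post and not Anthropic's code: a small audit script that loads a settings.json and checks it against the exposures named above (sandbox off, .env files, SSH keys, AWS credentials readable). It assumes the documented permissions layout, where permissions.deny holds rules of the form Tool(specifier) such as "Read(./.env)" and "Bash(curl:*)", and it assumes the sandbox is switched on by a sandbox.enabled key; the glob matcher is a simplified approximation of Claude Code's own rule matching, so treat its verdicts as a first pass and confirm against the docs for your version.

```python
"""Audit a Claude Code settings.json for the exposures described in Step 1 and Step 2.

Added example, not from the original post or from Anthropic. Assumed layout:
  permissions.deny  -> list of "Tool(specifier)" rules, e.g. "Read(~/.ssh/**)"
  sandbox.enabled   -> OS-level sandbox (Seatbelt on macOS, bubblewrap on Linux); key name is an assumption
"""
import fnmatch
import json
import re

# Paths the post says Claude can read by default; a hardened config must deny Read on all of them.
SENSITIVE_PATHS = ["./.env", "./.env.local", "~/.ssh/id_ed25519", "~/.aws/credentials"]

RULE_RE = re.compile(r"^(?P<tool>[A-Za-z]+)\((?P<spec>.*)\)$")


def parse_rule(rule):
    """Split "Read(~/.ssh/**)" into ("Read", "~/.ssh/**"); a bare tool name like "Bash" means everything."""
    m = RULE_RE.match(rule.strip())
    if m:
        return m.group("tool"), m.group("spec")
    return rule.strip(), "*"


def spec_matches(spec, path):
    """Glob-style match where ** means 'anything below' (simplified approximation of the real matcher)."""
    return fnmatch.fnmatchcase(path, spec.replace("**", "*"))


def denied_read(settings, path):
    """True if at least one deny rule blocks Read access to the given path."""
    for rule in settings.get("permissions", {}).get("deny", []):
        tool, spec = parse_rule(rule)
        if tool == "Read" and spec_matches(spec, path):
            return True
    return False


def audit(settings):
    """Return a list of findings; an empty list means every exposure above is covered."""
    findings = []
    # Without the sandbox, deny rules only bind built-in tools; shell commands still see the files.
    if not settings.get("sandbox", {}).get("enabled", False):
        findings.append("sandbox disabled: deny rules do not apply to Bash commands")
    for path in SENSITIVE_PATHS:
        if not denied_read(settings, path):
            findings.append(f"no deny rule covers Read({path})")
    return findings


def audit_json(text):
    """Same audit, starting from the raw file contents of ~/.claude/settings.json."""
    return audit(json.loads(text))


# Constructed sample configs: the default-ish one most people have, and a hardened one.
WEAK = {"permissions": {"deny": ["Read(./.env)"]}}

HARDENED = {
    "sandbox": {"enabled": True},  # key name assumed, see module docstring
    "permissions": {
        "deny": [
            "Read(./.env)",
            "Read(./.env.*)",
            "Read(~/.ssh/**)",
            "Read(~/.aws/**)",
            "Bash(curl:*)",  # prefix rule syntax: block outbound curl from the shell tool
        ]
    },
}

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit(cfg) or "ok")
```

Run it as-is to compare the two constructed configs, or replace WEAK with json.load(open(os.path.expanduser("~/.claude/settings.json"))) to check your own file; each finding names the exact Read rule that is missing.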
Step 3: Update
claude update
Versions before 2.0.65 have two unpatched critical vulnerabilities. Run this monthly.
Replaces: The false sense of security you had 5 minutes ago.
Part 3 - Level 2: Trail of Bits config (30 minutes)
Trail of Bits audits smart contracts, government systems and crypto protocols. They opened their exact Claude Code setup.
github.com/trailofbits/claude-code-config
Not just a config file. A complete system: sandbox, permissions, hooks, skills, MCP - everything they actually use on real security audits.
/trailofbits:config goes through each component, sees what you already have, and sets up what's missing. Run again after updates.
What gets added on top of Level 1:
Skill chain: brainstorm -> plan -> execute -> verify.
Claude doesn't just write code - it proves the code is safe.
Replaces: Hours of reading documentation and building your own permission system from scratch.
Part 4 - Level 3: Devcontainer (full isolation)
github.com/trailofbits/claude-code-devcontainer
Claude works inside a container. Zero access to your host machine - no SSH keys, no cloud credentials, no filesystem outside the project.
For one untrusted repo:
bypassPermissions is enabled inside the container - Claude works fast because the container is the sandbox. Your command history, settings and git identity persist between rebuilds. Sessions sync back via devc sync.
Replaces: The anxiety of running Claude on client code on your personal machine.
Full cheatsheet
The math is simple
Average AWS credentials leak costs $8,000-50,000 in a single night and the average time to detect it is 197 days.
The more time you put in now, the less chance that in 197 days someone finds out your credentials have been for sale since last year.
Claude Code is powerful because it can do everything. That's exactly why you don't want it to.
You build your own life - so choose the right path. If this was useful - follow; more info in my tg channel: https://t.me/noisyclub01