Great post. Two thoughts. First, your description about social scientists not understanding terminal/shell is right and reminds me how we talk about current students (esp undergrads) who don't understand folder structures when using computers for projects. Second, the step where we should be reviewing Claude Code project code is limited for some social scientists because of the use of python rather than Stata, right? Thoughts?
I was thinking that same thing actually about undergrads who don't have a mental model for folder structures. I think this lack of a mental model is where things will bite, but it's all endogenous -- we can learn this stuff. I really hope I don't learn some important lesson in the hardest way possible, though. I'm sort of ready to start learning important lessons in inexpensive ways.
I think that the step of reviewing code *is* the workflow though. Even that guy Boris says he is constantly and vigorously reviewing. I think that's key. How one does it -- that's another matter.
the cybersecurity way of thinking is its own highly paranoid thing. it's comparable to, but different from, "equilibrium thinking", it has to be taught and learned. unfortunately everyone who uses these tools will have to learn it at least a little bit.
one solution to many of the problems described here is just to run everything inside a sandboxed virtual machine (managed by Docker most likely). the technical tools to do this exist, but it's all kind of a pain in the ass to manage. making it easier and building it into the products will hopefully help.
Yeah, I think the sandboxed virtual machine is probably one of the very clear solutions. If you more or less assume some kind of Murphys law where anything bad that can happen will happen with enough trials, then you should at bare minimum stick all this in a place where when that happens it's more or less manageable. My hunch is that we will have more ways to respawn from such huge self inflicted wounds as the returns to adoption are just so high.
seems like Claude just launched a new "Cowork" feature today in the desktop app which does exactly this, and also has a more normal-person-flavored interface vs. pitched as a coding assistant. however seemingly can't install custom software in it as of yet.
Another suggestion (sorry if this is already obvious!) is to take this article, ask claude what instructions should go in a claude.md based on your discussion here, and then put it in ~/.claude/CLAUDE.md so it will be active in every project.
I have used Jules with GitHub and to some degree there are some “I’m sorry, Dave I’m afraid I can’t do that” moments but it will tell me how to do it. I wonder if guardrails like that will come to Claude Code too.
Great post and insights. Then, exhibiting weirdly uncanny timing, I watched this video posted 1/12/26. The potentially catastrophic rm -rf command unleashed in a livestream of first use of Claude Cowork. https://youtu.be/_6C9nMvQsGU?si=2u_sfy6pWinMKPbi
Hah! What a complete cluster! So again my prediction in the product market -- Claude Code creates more services that give fairly extensive cloud-based version control, or we just keep our dropbox subscriptions.
Great post. Two thoughts. First, your description about social scientists not understanding terminal/shell is right and reminds me how we talk about current students (esp undergrads) who don't understand folder structures when using computers for projects. Second, the step where we should be reviewing Claude Code project code is limited for some social scientists because of the use of python rather than Stata, right? Thoughts?
I was thinking that same thing actually about undergrads who don't have a mental model for folder structures. I think this lack of a mental model is where things will bite, but it's all endogenous -- we can learn this stuff. I really hope I don't learn some important lesson in the hardest way possible, though. I'm sort of ready to start learning important lessons in inexpensive ways.
I think that the step of reviewing code *is* the workflow though. Even that guy Boris says he is constantly and vigorously reviewing. I think that's key. How one does it -- that's another matter.
good discussion of security issues around LLMs https://simonwillison.net/2025/Jun/16/the-lethal-trifecta/
the cybersecurity way of thinking is its own highly paranoid thing. it's comparable to, but different from, "equilibrium thinking", it has to be taught and learned. unfortunately everyone who uses these tools will have to learn it at least a little bit.
one solution to many of the problems described here is just to run everything inside a sandboxed virtual machine (managed by Docker most likely). the technical tools to do this exist, but it's all kind of a pain in the ass to manage. making it easier and building it into the products will hopefully help.
Yeah, I think the sandboxed virtual machine is probably one of the very clear solutions. If you more or less assume some kind of Murphys law where anything bad that can happen will happen with enough trials, then you should at bare minimum stick all this in a place where when that happens it's more or less manageable. My hunch is that we will have more ways to respawn from such huge self inflicted wounds as the returns to adoption are just so high.
seems like Claude just launched a new "Cowork" feature today in the desktop app which does exactly this, and also has a more normal-person-flavored interface vs. pitched as a coding assistant. however seemingly can't install custom software in it as of yet.
Oh, cowork. Let me dig into that.
Another suggestion (sorry if this is already obvious!) is to take this article, ask claude what instructions should go in a claude.md based on your discussion here, and then put it in ~/.claude/CLAUDE.md so it will be active in every project.
I have used Jules with GitHub and to some degree there are some “I’m sorry, Dave I’m afraid I can’t do that” moments but it will tell me how to do it. I wonder if guardrails like that will come to Claude Code too.
Great post and insights. Then, exhibiting weirdly uncanny timing, I watched this video posted 1/12/26. The potentially catastrophic rm -rf command unleashed in a livestream of first use of Claude Cowork. https://youtu.be/_6C9nMvQsGU?si=2u_sfy6pWinMKPbi
Hah! What a complete cluster! So again my prediction in the product market -- Claude Code creates more services that give fairly extensive cloud-based version control, or we just keep our dropbox subscriptions.