Your AI Coding Agent Has Access To Your SSH Keys Right Now
March 25, 2026
The article warns that giving Claude Code Bash access gives the AI the same privileges as the user. It can read private SSH keys, look at environment files, and send data to external sites. The article shows how commands like
cat ~/.ssh/id_rsa
or
find . -name "*.env" -exec cat {} \;
can become tools for stealing data when they are used with malicious prompts.
The author points out that prompt injection can hide instructions in web pages, documents, or code snippets that the model processes.
To lower the risk, a seven-layer defense is proposed. It starts with pre-execution hooks that block any attempt to access credentials before a command runs.
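A sketch of such a pre-execution hook, as an added example that is not code from the article. It assumes the Claude Code PreToolUse hook convention (a JSON event on stdin carrying `tool_name` and `tool_input.command`, exit status 2 to block the call); the deny-list patterns and function names are illustrative assumptions.

```python
#!/usr/bin/env python3
"""Pre-execution hook: refuse Bash commands that reference credential files."""
import json
import re
import sys

# Illustrative deny-list (an assumption, not the article's); extend per environment.
CREDENTIAL_PATTERNS = [
    (r"(?<![\w.])\.ssh\b", "SSH key directory"),
    (r"\bid_(rsa|dsa|ecdsa|ed25519)\b", "SSH private key"),
    (r"\.env\b", "environment file"),
    (r"(?<![\w.])\.aws/credentials\b", "AWS credentials file"),
]

def check_command(command):
    """Return the reason a command is denied, or None if it may run."""
    for pattern, label in CREDENTIAL_PATTERNS:
        if re.search(pattern, command):
            return f"blocked: command references {label}"
    return None

def evaluate(event):
    """Map a hook event (dict) to (exit_code, message); exit code 2 blocks."""
    if event.get("tool_name") != "Bash":
        return 0, ""
    command = event.get("tool_input", {}).get("command", "")
    reason = check_command(command)
    return (2, reason) if reason else (0, "")

def main():
    try:
        event = json.load(sys.stdin)
    except json.JSONDecodeError:
        # Fail closed: an event that cannot be parsed is treated as a denial.
        print("blocked: could not parse hook input", file=sys.stderr)
        return 2
    code, message = evaluate(event)
    if message:
        print(message, file=sys.stderr)  # stderr is returned to the agent
    return code

if __name__ == "__main__":
    sys.exit(main())
```

Matching on the command string only sees paths written literally in the command, which is why the article treats the hook as the first of several layers instead of the whole defense.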
