
Safety, Governance & Security

A brief but essential guide to responsible agentic development

Permission Levels

Claude Code operates with different permission modes:

| Mode | What it does | When to use |
|------|--------------|-------------|
| Plan Mode | Claude proposes actions; you approve each one before it runs | Learning, risky changes, unfamiliar code |
| Auto Mode | Claude executes without asking | Routine tasks, high confidence, good test coverage |
| Restricted | Limited to specific tools and directories | Production systems, shared environments |

Auto Mode is only as safe as the tests and the sandbox it runs in: if a change can reach production data or credentials without a human in the loop, it belongs in Plan Mode or a Restricted configuration.

Security Considerations

| Risk | Mitigation |
|------|------------|
| Credentials in code | Never paste secrets into prompts or commit them; load them from environment variables or a secrets manager so they never appear in source or in the conversation |
| Malicious or subtly wrong suggestions | Review all generated code, with extra scrutiny on auth, session, payment and crypto flows |
| Unintended file access | Use .claudeignore to exclude sensitive directories, and verify the exclusion by asking Claude to read one of the files |
| Command injection | Treat any value an agent interpolates into a shell command (branch names, issue titles, file names, user data) as untrusted: pass arguments as an argv list instead of a shell string, or quote them, and validate against an allowlist where possible |
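The command-injection row is easier to see than to describe. The following is an added example, not code from the workshop or from Claude Code: it builds the same command three ways from a constructed untrusted value (a branch name carrying a `;` payload) and shows which variants let the payload execute. Function names and the sample input are this example's own.

```python
"""Shell command built from untrusted input: injectable vs. hardened forms.
Added example; assumes a POSIX /bin/sh and a printf binary on PATH."""
import re
import shlex
import subprocess

# Constructed untrusted input, e.g. a branch name or issue title an agent was
# asked to act on. The trailing part is a second shell command.
UNTRUSTED = "feature-x; echo INJECTED"


def run_unsafe(name):
    """VULNERABLE: f-string interpolation + shell=True. The ';' ends the printf
    command and the attacker's 'echo INJECTED' runs as a separate command."""
    cmd = f"printf '%s\\n' {name}"
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


def run_safe(name):
    """HARDENED: argv list, no shell. The whole value is a single argument to
    printf; shell metacharacters in it are just bytes."""
    return subprocess.run(["printf", "%s\n", name],
                          capture_output=True, text=True).stdout


def run_quoted(name):
    """When a shell is genuinely required (pipes, globs), quote every untrusted
    value with shlex.quote so it is one word to the shell."""
    cmd = f"printf '%s\\n' {shlex.quote(name)}"
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


# Allowlist for values that will become command arguments. Rejecting anything
# outside this set also blocks leading '-' (argument/option injection).
_SAFE_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._/-]{0,127}$")


def validated(name):
    """Return the value if it matches the allowlist, else raise ValueError."""
    if not _SAFE_NAME.match(name):
        raise ValueError(f"rejected untrusted value: {name!r}")
    return name


if __name__ == "__main__":
    print("unsafe :", repr(run_unsafe(UNTRUSTED)))   # two lines: payload ran
    print("safe   :", repr(run_safe(UNTRUSTED)))     # one line: payload inert
    print("quoted :", repr(run_quoted(UNTRUSTED)))   # one line: payload inert
    try:
        validated(UNTRUSTED)
    except ValueError as exc:
        print("allowlist:", exc)
```

The argv form is the default to reach for; `shlex.quote` is the fallback when a shell feature is really needed, and the allowlist is what protects you when the value is used as a command-line flag rather than a plain argument.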

Governance Principles

  1. Human approval for production — AI drafts, humans deploy
  2. Audit trail — commit AI-generated changes in small, separate commits so each one is attributable and revertible
  3. Least privilege — only enable the MCP integrations a task needs, and remove them afterwards
  4. Review before merge — all AI-generated code gets human review, the same as any other contribution

Data Privacy

| Do | Don't |
|----|-------|
| Use sandbox/test data in workshops | Put production credentials in prompts |
| Anonymize sensitive examples | Share customer data with AI |
| Clear the session after sensitive work | Assume conversations are private forever |

Team Agreement: Safety

During the workshop, establish team norms:

.claudeignore Example

Create a .claudeignore file to exclude sensitive paths. Note that an ignore file only keeps Claude from reading these paths directly; it is not a security boundary. The files stay on disk, and a shell command Claude runs can still read them, so keep real secrets out of the workspace entirely and use the ignore file as a second layer.

# Secrets and credentials
.env
.env.*
*.pem
*.key
secrets/

# Production configs
config/production.json
deploy/

# Sensitive data
data/customers/
backups/

# Large files Claude doesn't need
node_modules/
*.log
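A practical check for the ignore file above is whether its patterns actually cover the secret-looking files in the tree. The following is an added example, not part of the workshop or of Claude Code: it parses the .claudeignore text from this page, applies it to a constructed sample repository, and reports credential-looking files that no pattern excludes. It assumes .claudeignore uses gitignore-style globbing (a pattern without `/` matches a name at any depth, a trailing `/` means a directory and everything under it, a pattern containing `/` is anchored at the repo root); the secret-name heuristic and all sample paths are this example's own.

```python
"""Check .claudeignore coverage against a sample tree (added example).
Assumes gitignore-style pattern semantics, simplified."""
import fnmatch
import posixpath

# The .claudeignore from the page, embedded as text.
CLAUDEIGNORE = """
# Secrets and credentials
.env
.env.*
*.pem
*.key
secrets/

# Production configs
config/production.json
deploy/

# Sensitive data
data/customers/
backups/

# Large files Claude doesn't need
node_modules/
*.log
"""

# Constructed sample repository (repo-relative POSIX paths).
SAMPLE_TREE = [
    ".env", ".env.local", "certs/server.pem", "secrets/db_password.txt",
    "config/production.json", "config/staging.json", "deploy/k8s/prod.yaml",
    "data/customers/export.csv", "node_modules/left-pad/index.js",
    "logs/app.log", "src/app.py",
    "infra/id_rsa",              # credential material, covered by no pattern
    "ops/service-account.json",  # credential material, covered by no pattern
]

# Filename fragments that usually indicate credential material (heuristic).
SECRET_HINTS = (".env", ".pem", ".key", "id_rsa", "id_ed25519",
                "service-account", "credentials", "secret", "password")


def parse_patterns(text):
    """Return (pattern, is_dir) for each non-empty, non-comment line."""
    out = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        out.append((line.rstrip("/"), line.endswith("/")))
    return out


def matches(path, pattern, is_dir):
    """Simplified gitignore semantics (assumed):
    - no '/' in pattern: match the file name or any ancestor directory name
      (for a directory pattern, only ancestor directory names count)
    - '/' in pattern: anchored at the repo root
    - is_dir: the directory and everything beneath it"""
    parts = path.split("/")
    if "/" not in pattern:
        candidates = parts[:-1] if is_dir else parts
        return any(fnmatch.fnmatchcase(p, pattern) for p in candidates)
    if is_dir:
        return path.startswith(pattern + "/")
    return fnmatch.fnmatchcase(path, pattern)


def excluded(path, patterns):
    return any(matches(path, p, d) for p, d in patterns)


def excluded_paths(patterns, tree):
    return [p for p in tree if excluded(p, patterns)]


def looks_secret(path):
    name = posixpath.basename(path).lower()
    return any(h in name for h in SECRET_HINTS)


def uncovered_secrets(patterns, tree):
    """The finding that matters: secret-looking files the ignore file misses."""
    return [p for p in tree if looks_secret(p) and not excluded(p, patterns)]


if __name__ == "__main__":
    pats = parse_patterns(CLAUDEIGNORE)
    print("excluded :", excluded_paths(pats, SAMPLE_TREE))
    print("UNCOVERED:", uncovered_secrets(pats, SAMPLE_TREE))
```

Run it against a real tree by replacing SAMPLE_TREE with the output of a file walk; anything it lists under UNCOVERED either needs a pattern or, better, should not be in the workspace at all.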