1 comment

[ 0.70 ms ] story [ 9.7 ms ] thread
been using claude code heavily for a while now and yeah the memory files are just plaintext sittng in your home directory. no encryption, no access controls. if you're running it on a shared machine or a dev server that's a real exposure. treat it like any other credential file — restrict permissions and don't put it on machines you don't fully control.