The post consolidates the practical attack surface of agentic coding workflows — prompt injection, credential exposure, and permission creep — into a single set of concrete defensive habits, grounding each in the specific ways Claude Code's file, shell, and tool access can be exploited.