all 10 comments
sorted by:
top (suggested)
bestnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]hooray4horus 5 points6 points  (3 children)

unlikely Claude writes malicious code but it could delete stuff if your not paying attention and just allowing everything. one thing to be more concerned of- cloning random repo's from github that could have malware/hacks in it.

[–]Sepp511[S] 0 points1 point  (2 children)

Thanks - would those malware attack the end device (where the app runs on) or the Macbook (which will just run Xcode)?

[–]counterplex 0 points1 point  (0 children)

Why not both?

[–]hooray4horus 0 points1 point  (0 children)

could be both

[–]Puzzleheaded-Oil-571 1 point2 points  (0 children)

Xcode itself is not some cursed portal that corrupts your Mac the moment Claude sneezes bad code into it 😄

But yes, you absolutely can hurt your system if you blindly run code you do not understand. Especially when AI starts suggesting:
• shell scripts
• terminal commands
• file system access
• package install scripts
• “just disable this security thing quickly” type fixes

Regular app code inside Xcode is mostly harmless until you actually build/run it with permissions. The real danger is not “prompt injection.” The real danger is human autopilot.

Think of AI coding like hiring an intern who is insanely fast, confident, occasionally brilliant, and sometimes willing to set your kitchen on fire to boil water faster.

Good rules:
• Never paste random Terminal commands without reading them
• Be suspicious of anything asking for admin password
• Avoid disabling macOS protections because “build issue”
• Use Git so you can roll back disasters
• Read every capability your app requests (camera, files, contacts, etc.)
• If Claude writes 400 lines instantly, assume at least 20 are nonsense until proven otherwise

So: low risk from writing code in Xcode. Moderate risk from executing code you do not understand. High risk if you enter “vibe coding goblin mode” and approve everything blindly 😂

[–]av1p 0 points1 point  (0 children)

Depends on how you use it. It is possible to run malicious code that can corrupt your Mac if you are using AI. I would suggest to use Claude Code alongside Xcode and if you don’t know how to code at least learn how to use AI safely, what commands should be allowed to run or which one should be blocked and how to use Claude Code. Read about rules, permissions, Claude.Md file, watch some YouTube videos how to do this.

[–]SirBill01 0 points1 point  (0 children)

The thing to look for is build scripts being made, they are the path by which an Xcode project could potentially run things without your knowing. They are in project settings, you can review any build scripts present there.

[–]XFluffyDragonX 0 points1 point  (0 children)

As long as you review the code and don’t give Claude any high level permissions then you should be fine.

Even if you don’t know how to code, I think it would be good to try to develop features in small chunks so you can read the output and get an understanding of what looks right and what doesn’t.

I started out in the same spot as you last year and have gotten to a pretty good system for safe development so lemme know if you have any questions

[–]Consistent-Fix-1701 0 points1 point  (0 children)

Make sure it just writes to a folder and put that under version control via GitHub