How I use Claude Code Safely
How I work quickly but safely with Claude Code
Note: This will be a long one. Scroll down to see my current workflow
Preface
Claude Code is a powerful tool, with a few caveats. I began using Claude Code only a few weeks after it became available to Pro subscribers in July 2025. After using it for a few days, I often found myself running into usage limits. Just a couple of months before this, I had found paying ~$30AUD a month for AI a bit too steep. Now I was staring down the barrel of a $170AUD a month subscription for Claude Max 5x. A week passed and I had built a schedule: use Claude Code at 8AM, the usage limit resets around lunch, code again in the afternoon. This worked, and within a week I had created a web app to integrate into SharePoint that helped me and the team determine which software should be installed for a new starter based on their role and seniority. Then I thought that if I could do this in a week, imagine what else I could do. So in discussing this with my manager, Tim, he voiced the need for a secure AI for Excel for our users, to avoid sketchy third-party apps with opaque privacy and data security policies. This began a new chapter in my work. After only 1 month of using Claude Code on the Pro plan, I decided to give the Max5 plan a try. That was August. I am still on Max5 to this day, with no plans of downgrading.
The point of that whole story is to show just how quickly AI development embedded itself in my workflow. But as I look back, I see how I ignored risks to speed up development.
I started with Claude in Docker but quickly moved to WSL to avoid the “hassle” of dealing with Docker on Windows. With Claude Code on WSL, I was unstoppable. I moved reference files directly into the project folder (in ~\code usually) and didn’t think twice before giving Claude free rein to create, move, edit and delete all manner of files. My thinking was that it would remain within the project folder and WSL would provide a barrier. While it never did break anything, I recognize my mistakes and am writing this guide to help others avoid them.
How I actually use Claude Code right now
I have three distinct areas of work: Personal, Project, and Work. Personal is fun things to learn and tinker with, the sort of half-baked project that may or may not end up on my public GitHub. Project is long-term ideas that are actively worked on but are not something I want to rush. Work is work. My role as Junior IT Administrator now includes Claude Code for a variety of uses.
Each area receives a different security setup.
Personal
Personal projects, thanks to their temporary nature, are local only, with a private GitHub repo. That means Claude Code is run directly on my machine, with no containers or isolation. Sandboxing is often set up too. I understand this is risky, but as these are really only quick things I need Claude to look at in a way the website could not do, I am happy to monitor it.
Project
My major projects get the premium treatment. These operate out of GitHub Codespaces, with sandboxing enabled. This has the added advantage of portability, as I often find myself reconfiguring scripts/commands between Linux (I use Arch, btw) and Windows. Codespaces provide a barrier from my personal files and, when combined with GitHub best practices, allow destructive actions (removing the French language pack with rm -rf * for example) to be rolled back with ease. This method is not foolproof, and I do still have some concerns about Claude’s use of the GitHub CLI, but overall I think it’s a good balance of convenience and security.
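The rollback property described above is easy to check for yourself. The script below is an added example, not code from the original post: it builds a throwaway git repository, simulates an agent running rm -rf * inside the project directory, and restores the tracked files from the last commit. It assumes git is installed; the user.name and user.email values are placeholders. Note what it also shows: the uncommitted file is gone for good, which is the practical reason to commit early and often when an agent has write access to the tree.

```shell
#!/bin/sh
# Added example, not code from the original post. Demonstrates that files
# committed to git survive "rm -rf *" in the project directory: "*" does not
# match the dotfile directory .git, so tracked contents can be restored from
# HEAD. Everything happens in a temporary directory created by mktemp.
set -eu

# Create a scratch repository with one committed file and one uncommitted file.
# Prints the repository path. The git identity values are placeholders.
make_repo() {
  dir=$(mktemp -d)
  (
    cd "$dir"
    git init -q .
    git config user.email "placeholder@example.invalid"
    git config user.name "Placeholder"
    echo "committed work" > notes.md
    git add notes.md
    git commit -q -m "Save notes"
    echo "uncommitted work" > scratch.md
  )
  printf '%s\n' "$dir"
}

# Simulate the destructive action from the post, then restore every tracked
# file from the last commit. Returns 0 if the committed file came back.
restore_after_delete() {
  (
    cd "$1"
    rm -rf ./*              # the destructive action; .git is left untouched
    git checkout -- .       # restore all tracked files from HEAD
    test -f notes.md
  )
}

# Report which of the two files survived, one line per file.
report() {
  for f in notes.md scratch.md; do
    if [ -f "$1/$f" ]; then
      echo "$f: restored"
    else
      echo "$f: lost (never committed)"
    fi
  done
}

# Stand-alone run: build, destroy, restore, report, clean up.
repo=$(make_repo)
restore_after_delete "$repo"
report "$repo"
rm -rf "$repo"
```

Run it with sh and you should see notes.md restored and scratch.md lost. In a Codespace the same logic applies, with the extra safety that the repository on GitHub holds every pushed commit even if the workspace itself is destroyed.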
Work
I am not going to spill the beans too much about my AI use at work, but what I can say is that it is constantly evolving. There is no guidebook on how to use Claude Code in the workplace, so proper planning and a security-first approach are key. I use a healthy balance of GitHub Codespaces and local usage. But as I said, this is true today and may not be true tomorrow. As compliance requirements change and new policies emerge, I see my workflow changing soon.
Conclusion
At the end of the day, I don’t fully know what I am protecting against, or what else is emerging. Prompt injection, slopsquatting, destructive deletes: it’s always changing. I am curious to see what I will be doing to secure my setup a year from now. This post is essentially a time capsule, with the added benefit of helping others secure their own setups.
P.S.: Ironically for a post about AI, this post has not been touched by AI, as indicated by the lack of AI tagging at the top.