running claude with --dangerously-skip-permissions in k8s is actually a smart move for isolation. the container boundary does alot of the permission work for you. one thing i'd watch though: ephemeral pods mean lost session context. the real workflow pain isnt the permissions, its picking up where you left off after a pod restart. stateless infra and stateful agent conversations dont mix well without something managing session persistence externally.
running claude with --dangerously-skip-permissions in k8s is actually a smart move for isolation. the container boundary does alot of the permission work for you. one thing i'd watch though: ephemeral pods mean lost session context. the real workflow pain isnt the permissions, its picking up where you left off after a pod restart. stateless infra and stateful agent conversations dont mix well without something managing session persistence externally.