You’re sitting in a coffee shop. You pull out your phone, open Telegram, and type: “Refactor the authentication module and run the test suite.” Five minutes later, your phone buzzes. “Done. All tests passing.” You just controlled a local instance of Claude Code from across the city.
It feels like the future. It feels like omnipotence. But here is the uncomfortable reality: You just built a backdoor into your own machine and handed the keys to a chat app.
Let’s talk about Hasharot. It’s a tool that transforms Claude Code into a remotely controllable agent via Telegram. It bridges the gap between the raw, execution power of a local AI coding assistant and the familiar, low-stakes interface of a messaging app. The convenience is intoxicating. You no longer need to be tethered to your desk to babysit your AI. You can orchestrate complex development tasks from your pocket.
But we need to talk about the paradox we are creating. Most people look at this and see a productivity hack. They see asynchronous, mobile-driven AI interactions. What they miss is that this is essentially a remote attack vector waiting to happen.
Convenience is a Trojan horse, and we are always the ones holding the gates open.
Think about the architecture for a second. You have a local environment—your safe space, your sandbox. Then you install a bridge that listens to a Telegram bot. A Telegram bot. The same platform where spam bots try to sell you crypto. If someone compromises your Telegram account, or if the bot’s token leaks, they don’t just get your messages. They get an agentic AI with access to your local file system. They get Claude Code, ready to execute their commands on your machine.
We spent decades building firewalls to keep attackers out, only to voluntarily install a remote control for them.
You’ve probably noticed the rush toward agentic AI lately. Everyone wants an AI that doesn’t just talk, but *does*. Hasharot delivers on that promise spectacularly. It’s the uncanny valley crossed. But in our rush to feel like Iron Man, we are overlooking the trust boundaries we’re obliterating. We are treating local tools as if they have the isolation of cloud services. They don’t.
Hasharot is a glimpse into the future of asynchronous, mobile-driven AI orchestration. It is undeniably brilliant. But it is also a loaded gun. The paradox of remote AI agents is that their greatest strength—unfettered access to your local environment—is also their greatest vulnerability.
The most dangerous vulnerabilities aren’t found in code; they’re designed in the name of productivity.
Use Hasharot. Marvel at the power of commanding your machine from anywhere. But for the love of all that is holy, lock down your access controls. The future of AI is remote, but only if we survive the convenience.
FAQ
Q: Isn't this just a massive security risk?
A: Yes. If your Telegram account or bot token is compromised, an attacker gains direct, agentic access to your local file system through Claude Code. It's a backdoor disguised as a feature.
Q: What's the actual use case here?
A: Asynchronous development. You can kick off complex coding tasks, run tests, or refactor code while you're away from your desk, turning your phone into a command center for your local AI.
Q: Shouldn't we just keep AI sandboxed in the cloud?
A: No. Cloud AI is sterile. The real power of agentic AI is its ability to interact with your actual local environment. We need tools like Hasharot to push the boundaries, even if it means we have to build better local security models.