Hacker News | ykdojo's comments


I'm not sure how serious you are with this comment, but feel free to look at the source code. It only has access to files you've explicitly added to the project directory.


You’ve put that restriction in as a safety valve. I’m sure it would be easy to remove. OP’s concern remains.


How would it be removed?


It's open sourced. Why don't you take a look?


Because there are people who are smarter than me who can put in such access in ways I can't detect with my, at best, modest coding knowledge.


The code is pretty straightforward and not that large. I feel like the only possibility of such an exploit would probably be through Docker itself - or some sort of cross-site scripting.


What if one of your package dependencies' dependencies has an exploit?

Overall, nice idea and demo. I’d be a bit hesitant to run, but creative implementation.


At this point, it just seems like he's trying to throw every idea on the wall to see what sticks in the end.


I'm trying to figure out what this means, if it is suggesting that they can find employee's personal accounts, or if it means that they want to become like LinkedIn.



Great work! A bit of an edge case, but you do not handle Cyrillic (and potentially other non-Latin URLs) correctly. кц.рф didn’t work for me.


Hey, actual author here! Seems like that's something with JS being dumb. Maybe I'll add a checkbox to allow for an override.


I'm curious about the decision to host the source code on Replit vs GitHub?


I think they're talking about the whole blog's Explore page.

