Module 1: Agent Fundamentals · 25 min

Setting Up Claude Code as Your First Agent Runtime

// sabak

Turn this lesson into one checked practice output

By the end, you should be able to explain the core idea behind “Setting Up Claude Code as Your First Agent Runtime” in your own words, apply it to one small real or sample task, and identify what still needs human review.

  1. 1

    Learn

    Read the 25-minute lesson without copying an output blindly.

  2. 2

    Try

    Use a small, non-sensitive example that you can inspect line by line.

  3. 3

    Review

    Check facts, fit, and risk; save one improvement note for next time.

Claude Code can inspect a repository, run approved tools, edit files, and report results. That makes a disposable practice repository a useful first runtime. It does not justify disabling permission checks or giving an agent access to production secrets.

After this lesson, you can create a contained workspace, a project instruction file, and a reviewable read-test-edit loop.

Prepare a Safe Workspace

Use a new repository with sample data. Before starting:

  • initialize version control and make a clean baseline commit;
  • exclude .env, credentials, keys, customer exports, and personal files;
  • install dependencies from reviewed manifests;
  • define test, lint, and build commands;
  • restrict the working directory;
  • confirm the company—not a contractor—owns any required account;
  • create a small task with a verifiable result.

Anthropic’s current CLI documents permission modes, allowed/disallowed tools, maximum turns for print mode, and a flag that skips permissions. Do not use the skip-permissions flag in this exercise.

Write Project Instructions

Create a short repository instruction file:

Purpose: sample quotation calculator
Allowed: read source/tests, edit src and tests, run npm test
Forbidden: network calls, secrets, production data, deleting outside repo
Quality: preserve public API, add tests, report assumptions
Stop: tests fail twice for same reason, requirement unclear, or scope expands

Instructions guide the model; OS permissions, credentials, and tool controls enforce the boundary.

Run a Controlled Task

Ask Claude Code to inspect first and propose a plan. Review file scope. Permit read-only commands and tests. Approve edits only inside the sample repository. Inspect the diff, rerun tests independently, and revert using version control if the change is wrong.

Record tool calls, changed files, test output, assumptions, and unresolved risks. The final model message is not test evidence.

Worked Example

The sample app calculates a quotation subtotal but accepts negative quantities. The goal is: reject non-integer or non-positive quantity, preserve valid results, and add tests.

Claude Code reads the calculator and test file, proposes validation, edits only those files, and runs the test command. A human reviews the diff and independently runs tests. The system does not open email, deploy, publish, or access an .env. Completion is a reviewed patch plus passing tests—not “Claude says fixed.”

Failure Cases to Diagnose

  • Started in a home directory: restrict to an isolated repository.
  • Secrets visible to the process: remove them and rotate if exposed.
  • Skip-permissions flag used for convenience: restore explicit approval and tool rules.
  • Unbounded task such as “improve everything”: define files, behavior, and checks.
  • Agent installs random packages: require dependency review.
  • Generated test merely repeats implementation: test observable requirements and edge cases.
  • Diff not reviewed: treat output as a proposal until verified.

🇵🇰 Pakistan Angle

Use synthetic PKR amounts, sample phone numbers, and fake customer names. Never practice on a live merchant database or exported WhatsApp contacts. If internet or electricity is unstable, commit the clean state and keep a local test command so recovery does not depend on conversation memory.

For agency work, keep each client in a separate company-authorized workspace. Do not point an agent at a parent directory containing several clients, shared .env files, or personal documents. Access isolation is part of professional delivery.

Hands-On Exercise

  1. Create a disposable repository and baseline commit.
  2. Add the project instruction contract.
  3. Run a read-only inspection and review the plan.
  4. Complete one bounded change with tests.
  5. Review diff and tests independently, then document the run.

Done means: the task is reproducible from a clean checkout, the diff stays in scope, and no secret or external system was exposed.

Completion Rubric

  • Workspace and data are isolated and synthetic.
  • Project instructions define allowed, forbidden, quality, and stop rules.
  • Permission checks remain active.
  • Dependencies and file scope are reviewed.
  • Tests are independently rerun.
  • Version control provides audit and rollback.

Sources

Key takeaway: learn agentic coding inside a disposable, versioned workspace with explicit permissions and independent verification—never by handing production access to a prompt.

Self-check

Before you mark Lesson 1.3 complete

  • Can I explain “Setting Up Claude Code as Your First Agent Runtime” without reading the lesson back word for word?
  • Did I complete the lesson’s practice step on a real or clearly labelled sample task?
  • Did I check the result for invented facts, private data, unsafe actions, and mismatch with the brief?