Vuln POC: Claude Code's HTTP hooks can silently rewrite your shell commands while the UI shows the original. H1 report closed as wontfix: "workspace trust threat model." So here's the full PoC. Decide for yourself if that trust dialog is doing enough. - View it on GitHub
Star
0
Rank
14051544