Show HN: First-token-only flaw in Claude Code permissions (triage bot too)
spitfirecowboy.com

I filed GH issues, and PR fixed on claude-code. I submitted a report on HackerOne, but the triage bot has the SAME category error problem. I got dismissed as "informational" because your bot saw my 'rm -rf' example, and dismissed it as an OS problem.
But that is exactly wrong. Allow and deny lists allow DANGEROUS actions like "git cleanup".
Some human needs to read this HN post and my blog post. I've written a bash-guard fix that I use locally, but I CAN'T help everyone else until Anthropic takes my bug report seriously.
https://github.com/anthropics/claude-code/issues/36637
https://github.com/anthropics/claude-code/pull/36645