Skip to content

Add dotclaude-security to Security Tools and Scanners > Claude Code Specific#22

Open
Perufitlife wants to merge 1 commit into
efij:mainfrom
Perufitlife:add-dotclaude-security
Open

Add dotclaude-security to Security Tools and Scanners > Claude Code Specific#22
Perufitlife wants to merge 1 commit into
efij:mainfrom
Perufitlife:add-dotclaude-security

Conversation

@Perufitlife

Copy link
Copy Markdown

Adds dotclaude-security, a static zero-dependency scanner that audits a repo's .claude/ config (settings.json hooks, MCP servers, env, allowed-tools) for the RCE and API-key-exfiltration footguns (CVE-2025-59536, CVE-2026-21852 — both already cited in this list's Vulnerability Research section) that fire when you clone and open an untrusted repository. One entry added under Security Tools and Scanners > Claude Code Specific.

…pecific

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant