Three Claude Code Vulnerabilities Let Attackers Run Commands and Steal API Keys Just by Cloning a Repo
Check Point Research disclosed three vulnerabilities in Anthropic's Claude Code CLI that allowed remote code execution and API key theft through malicious project configuration files - all triggered before trust prompts appeared.