// ClaudeCRITICAL
GMO Flatt Security researcher disclosed critical vulnerabilities in Claude Code's GitHub Actions workflow that allow bypassing permission controls and compromising repositories. An attacker could inject malicious input through GitHub Issues or Pull Requests to exfiltrate secrets, execute arbitrary commands, and compromise repositories including Anthropic's own. Variants were actively exploited in the wild before disclosure. Anthropic patched the issues in version 1.0.94.
- Poisoning Claude Code: One GitHub Issue to Break the Supply Chai(opens in a new tab)
- Claude Code’s GitHub Actions Vulnerability Lets Attackers Compro(opens in a new tab)
- Claude Code GitHub Actions Flaw Created Supply Chain Attack Risk(opens in a new tab)
- Claude Code's GitHub Actions Vulnerability Lets Attackers Compro(opens in a new tab)
- Securing CI/CD in an agentic world: Claude Code Github action ca(opens in a new tab)
- Critical Security Flaw In Claude Code GitHub Action Puts CI/CD C(opens in a new tab)
// Get alerts for Claude