YOLO Mode: Hidden Risks in Claude Code Permissions | UpGuard
ID: 8a83a023-a2c8-5ca5-b353-fb72da977440
STIX ID: report--8a83a023-a2c8-5ca5-b353-fb72da977440
Feed Name: UpGuard Blog
**Executive summary:** Analysis of 18,470 publicly exposed Claude Code settings.local.json files shows that many developers granted broad 'allow' permissions (e.g., curl, python, node, rm, git push). These permit network retrieval, arbitrary code execution, destructive file operations, and unmonitored repository changes. Such misconfigurations materially increase the risk of prompt-injection-driven RCE, data exfiltration, and supply-chain propagation, and they warrant immediate governance, adoption of deny/ask rules, and periodic permission reviews.
