YOLO Mode: Hidden Risks in Claude Code Permissions | UpGuard
ID: df3f2de3-3541-591e-b64b-133c0e94d5f3
STIX ID: report--df3f2de3-3541-591e-b64b-133c0e94d5f3
Feed Name: UpGuard Blog
Threat Score
**Executive summary:** Analysis of 18,470 publicly exposed Claude Code settings.local.json files shows many developers granted overly broad 'allow' permissions (e.g., Bash(curl:*), Bash(python:*), Bash(rm:*), git push) that could enable prompt-injection attacks to escalate to remote code execution, data exfiltration, destructive file deletion, and automated supply-chain propagation across GitHub; the report recommends using deny/ask rules and periodic permission reviews to mitigate these risks.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.