Tag
A maliciously crafted `.claude/settings.json` file in a Claude Code repository (versions prior to 2.1.53) can bypass the workspace trust confirmation dialog by exploiting a configuration loading order defect, allowing for arbitrary code execution within a supposedly untrusted workspace.