Anthropic patches Claude Code GitHub Action repo-takeover chain
GMO Flatt Security's RyotaK chained a checkWritePermissions bot bypass with prompt injection to hijack any public repo running claude-code-action. Fix shipped in v1.0.94.
GMO Flatt Security's RyotaK chained a checkWritePermissions bot bypass with prompt injection to hijack any public repo running claude-code-action. Fix shipped in v1.0.94.