Vibe Coding
Lasso Security Publishes Claude Code Prompt Injection Research + Open-Source PostToolUse Hook Defender
Lasso Security published research demonstrating that `--dangerously-skip-permissions` enables indirect prompt injection via poisoned READMEs, docs, and MCP responses. They simultaneously released claude-hooks on GitHub — a PostToolUse hook implementing 50+ regex patterns across four attack categories (instruction override, role-playing manipulation, encoding/obfuscation, context manipulation). The defender intercepts tool results and injects warnings into Claude's context before processing. This is the first production-ready open-source defense for Claude Code's autonomous mode.
↳ Follow the thread