Skip to content
Better HN
Top
New
Best
Ask
Show
Jobs
Search
⌘K
undefined | Better HN
0 points
zingababba
7mo ago
0 comments
Share
Apparently they were using --dangerously-skip-permissions, --yolo, --trust-all-tools etc. The Wiz post has some more details -
https://www.wiz.io/blog/s1ngularity-supply-chain-attack
0 comments
default
newest
oldest
CER10TY
7mo ago
That's a good catch. I knew these flags existed, but I figured they'd require at least a human in the loop to verify, similar to how Claude Code currently asks for permission to run code in the current directory.
j
/
k
navigate · click thread line to collapse
