This makes me think a bit more about this CVE more too.
Anthropic lately has been really trying to burn any/every good will that they have it seems. Also a bit ironical about how the most dangerous model (Mythos) which can find CVE in other projects wasn't able to find this CVE within the claude-code project itself.
Anthropic response to 1-click pwn: Shouldn't have clicked 'ok': https://news.ycombinator.com/item?id=48057836
This makes me think a bit more about this CVE more too.
Anthropic lately has been really trying to burn any/every good will that they have it seems. Also a bit ironical about how the most dangerous model (Mythos) which can find CVE in other projects wasn't able to find this CVE within the claude-code project itself.