Skip to content

Latest commit

 

History

History
13 lines (8 loc) · 754 Bytes

File metadata and controls

13 lines (8 loc) · 754 Bytes

Security Policy

Reporting a Vulnerability

If you discover a security issue, please report it by opening a private security advisory rather than a public issue.

Scope

This project executes shell scripts via Claude Code hooks. The primary security considerations are:

  • Way macros (macro.sh) execute arbitrary shell commands. Project-local macros are disabled by default and require explicit trust via ~/.claude/trusted-project-macros.
  • Hook scripts run on every tool invocation. They should not make network calls unless rate-limited and clearly documented (e.g., check-config-updates.sh).
  • No secrets should be stored in way files, macros, or hook output.