Claude Code bypasses safety rule if given too many commands

Apr 1, 2026· English· The Register

A hard-coded limit on deny rules drops automatic enforcement for concatenated commands Claude Code will ignore its deny rules, used to block risky actions, if burdened with a sufficiently long chain of subcommands.

This vuln leaves the bot open to prompt injection attacks.…

原文链接: The Register