"Is Your Claude Code Setup Safe? Check in 5 Seconds"

Recent CVE disclosures ( CVE-2025-59536 , CVE-2026-21852 ) showed that malicious .claude/settings.json files in cloned repos can execute arbitrary shell commands and exfiltrate API keys. Anthropic patched these specific vulnerabilities, but the broader question remains: what is Claude Code allowed to do on your machine right now? The one-liner curl -fsSL https://raw.githubusercontent.com/Bande-a-Bonnot/Boucle-framework/main/tools/safety-check/check.sh | bash No installation. No dependencies beyond bash and python3. Takes about 2 seconds. What it checks The script inspects your ~/.claude/settings.json and scores 9 items across 5 categories: Destructive Command Protection bash-guard : blocks rm -rf / , sudo , curl|bash , and 10+ other dangerous patterns git-safe : blocks force push, hard reset, git clean -f File Protection file-guard : prevents reads/writes to .env , private keys, credential files branch-guard : blocks direct commits to main/master/production Observability session-log :

"Is Your Claude Code Setup Safe? Check in 5 Seconds"

Related Articles

The Age of Personalized Software

Automating Checkout Add-On Recommendations in WordPress for WooCommerce

Start Here: Learning to develop your own way with SCSIC

Vibe Coding Isn’t for Everyone (And That’s the Point)

Sometimes We Make Mistakes (Meta’s Cost $80 Billion)

Related Articles

How-To
The Age of Personalized Software
Medium Programming • 15h ago

How-To
Automating Checkout Add-On Recommendations in WordPress for WooCommerce
Dev.to • 15h ago

How-To
Start Here: Learning to develop your own way with SCSIC
Medium Programming • 19h ago

How-To
Vibe Coding Isn’t for Everyone (And That’s the Point)
Medium Programming • 20h ago

How-To
Sometimes We Make Mistakes (Meta’s Cost $80 Billion)
Medium Programming • 20h ago