Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
Results that may be inaccessible to you are currently showing.
Hide inaccessible resultsResults that may be inaccessible to you are currently showing.
Hide inaccessible results