Critical Vulnerability in Claude Code: Just Opening a Project Lets Hackers Execute Commands Through Anthropic's AI

Check Point researchers discovered a critical flaw in Claude Code, Anthropic's AI coding assistant. A specially crafted repository could execute shell commands or malicious actions immediately when opened, bypassing a core security control designed to prevent execution until explicit user trust. The AI ran hidden code from untrusted projects before any user confirmation. No click required. No permission asked. Just open the file and the AI does the attacker's bidding.