1. Claude Code Project Lacks Critical Security Disclosure Policy, Raising Risk for Open-Source Users
The Claude Code project, an open-source tool that manages sessions capable of executing arbitrary commands, is operating without a formal vulnerability disclosure policy. This absence of a documented security process creates a significant blind spot for users and contributors who may discover critical flaws. The reposi...