claude-code/.github
Claude e1c91d294d fix: prevent API key exfiltration in dedupe workflow
Security fix to address potential prompt injection attack vector where
malicious issue content could exploit gh api/comment permissions to
exfiltrate the ANTHROPIC_API_KEY.

Changes:
- Remove gh api:* and gh issue comment:* from dedupe command allowed-tools
- Command now outputs structured JSON to /tmp/dedupe-result.json
- Comment posting moved to isolated workflow step without API key access
- Added URL validation to prevent injection in comment content

The Claude Code step can now only read issues (gh issue view/search/list),
while comment posting happens in a separate step that only has GITHUB_TOKEN.
2025-11-19 02:33:20 +00:00