https://jashidsany.com/tags/permission-bypass/ Recent content in Permission-Bypass on Jashid Sany https://jashidsany.com/images/og-default.png https://jashidsany.com/images/og-default.png Hugo en-us Tue, 14 Apr 2026 00:00:00 +0000 https://jashidsany.com/security-research/ai-security/claude-code-finding-5-deny-bypass-script-exec/ Tue, 14 Apr 2026 00:00:00 +0000 https://jashidsany.com/security-research/ai-security/claude-code-finding-5-deny-bypass-script-exec/ Claude Code's Bash permission deny rules can be completely bypassed by writing denied commands into a script file and executing it. The parser evaluates only the script path, not its contents. Five explicitly denied commands executed and exfiltrated data to an external endpoint.