Nixpkgs Security Tracker

Untriaged

Permalink CVE-2026-33068

created 1 day, 1 hour ago

Claude Code has a Workspace Trust Dialog Bypass via Repo-Controlled Settings File

Claude Code is an agentic coding tool. Versions prior to 2.1.53 resolved the permission mode from settings files, including the repo-controlled .claude/settings.json, before determining whether to display the workspace trust confirmation dialog. A malicious repository could set permissions.defaultMode to bypassPermissions in its committed .claude/settings.json, causing the trust dialog to be silently skipped on first open. This allowed a user to be placed into a permissive mode without seeing the trust confirmation prompt, making it easier for an attacker-controlled repository to gain tool execution without explicit user consent. This issue has been patched in version 2.1.53.

References

https://github.com/anthropics/claude-code/security/advisories/GHSA-mmgp-wc2j-qcv7 x_refsource_CONFIRM

Affected products

claude-code

==< 2.1.53

Matching in nixpkgs

pkgs.claude-code

An agentic coding tool that lives in your terminal, understands your codebase, and helps you code faster

nixos-unstable 2.1.77
- nixpkgs-unstable 2.1.76
- nixos-unstable-small 2.1.78
nixos-25.11 2.1.25
- nixos-25.11-small 2.1.25
- nixpkgs-25.11-darwin 2.1.25

pkgs.claude-code-acp

ACP-compatible coding agent powered by the Claude Code SDK

nixos-unstable 0.16.1
- nixpkgs-unstable 0.16.1
- nixos-unstable-small 0.16.1
nixos-25.11 0.10.6
- nixos-25.11-small 0.10.6
- nixpkgs-25.11-darwin 0.10.6

pkgs.claude-code-bin

Agentic coding tool that lives in your terminal, understands your codebase, and helps you code faster

nixos-unstable 2.1.77
- nixpkgs-unstable 2.1.76
- nixos-unstable-small 2.1.78

pkgs.claude-code-router

Tool to route Claude Code requests to different models and customize any request

nixos-unstable 2.0.0
- nixpkgs-unstable 2.0.0
- nixos-unstable-small 2.0.0
nixos-25.11 1.0.64
- nixos-25.11-small 1.0.64
- nixpkgs-25.11-darwin 1.0.64

pkgs.gnomeExtensions.claude-code-usage

Display Claude Code usage in the top panel. This extension uses anthropic.com services. This extension is not affiliated, funded, or in any way associated with Claude.

nixos-unstable 4
- nixpkgs-unstable 4
- nixos-unstable-small 4

pkgs.gnomeExtensions.claude-code-switcher

A GNOME shell extension for quickly switching Claude Code API providers with enhanced performance and reliability.

nixos-unstable 13
- nixpkgs-unstable 13
- nixos-unstable-small 13
nixos-25.11 13
- nixos-25.11-small 13
- nixpkgs-25.11-darwin 13

pkgs.vscode-extensions.anthropic.claude-code

Harness the power of Claude Code without leaving your IDE

nixos-unstable 2.1.77
- nixpkgs-unstable 2.1.76
- nixos-unstable-small 2.1.78
nixos-25.11 2.1.25
- nixos-25.11-small 2.1.25
- nixpkgs-25.11-darwin 2.1.25

pkgs.gnomeExtensions.claude-code-usage-indicator

Shows remaining time and usage percentage for Claude Code sessions in the top panel. Displays format like '3h 12m (30%)' showing both time remaining and percentage consumed. Automatically refreshes every 5 minutes.

nixos-unstable 3
- nixpkgs-unstable 3
- nixos-unstable-small 3
nixos-25.11 3
- nixos-25.11-small 3
- nixpkgs-25.11-darwin 3

Package maintainers

@omarjatoi Omar Jatoi
@malob Malo Bourgon <mbourgon@gmail.com>
@markus1189 Markus Hauck <markus1189@gmail.com>
@storopoli Jose Storopoli <jose@storopoli.com>
@xiaoxiangmoe ZHAO JinXiang <xiaoxiangmoe@gmail.com>
@mirkolenz Mirko Lenz <mirko@mirkolenz.com>
@Prince213 Sizhe Zhao <prc.zhao@outlook.com>
@honnip Jung seungwoo <me@honnip.page>

Suggestions search