claude-cli-agent
Audited by Socket on Mar 6, 2026
1 alert found:
Obfuscated File

The file is a usage/operational guide for a Claude CLI sub-agent. It contains no direct malware or obfuscated payloads, but it recommends operational practices that substantially increase risk: piping large contexts (possible secrets) to a remote model, recommending the --dangerously-skip-permissions flag which removes human approval, and permitting Bash execution. These behaviors create a high potential for accidental data exfiltration and loss of human oversight.

Remediation: remove or strongly qualify the --dangerously-skip-permissions recommendation, restrict or more tightly qualify Bash execution examples, add explicit instructions to sanitise inputs (strip secrets), chunk and scan content locally before sending, and require explicit human approval for sensitive transmissions.