claude-team

The Claude-Team orchestration framework described is feature-complete for parallel worker management with per-worker worktrees and beads workflows. It is not inherently malicious, but presents notable security risks primarily from credential handling, persistent background services, and local network exposure. Recommendations: (1) move Telegram credentials to secure storage (e.g., OS keychain, encrypted vault) and prune environment-based exposure; (2) secure the MCP transport (prefer TLS, access controls, and authentication); (3) enforce strict file permissions and integrity checks on JSON state files; (4) assess necessity of persistent LaunchAgent/cron usage and provide safer defaults or opt-out options; (5) consider auditing the dangerous-permissions flag and provide safer default behaviors; (6) document threat model and incident response steps for operators.