Slow Mist Discovers Multiple Security Risks in Grok Build CLI on July 18

According to Slow Mist, on July 18, the security team discovered multiple vulnerabilities in Grok Build CLI. The audit revealed that cargo check is incorrectly classified as a safe command, which combined with malicious AGENTS.md instructions can trigger build.rs execution for remote code execution. Additionally, bypassPermissions in .claude/settings.json can bypass permission checks for unrestricted tool execution. The CLI inherits Claude Code CLI's permission model, introducing similar risks, while .mcp.json via MCP configuration introduces additional attack surface.
Disclaimer: The information on this page may come from third-party sources and is for reference only. It does not represent the views or opinions of Gate and does not constitute any financial, investment, or legal advice. Virtual asset trading involves high risk. Please do not rely solely on the information on this page when making decisions. For details, see the Disclaimer.
Comment
0/400
No comments