Hijacking Claude Code via Injected Marketplace Plugins(promptarmor.substack.com)
promptarmor.substack.com
Hijacking Claude Code via Injected Marketplace Plugins
https://promptarmor.substack.com/p/hijacking-claude-code-via-injected
https://promptarmor.substack.com/p/hijacking-claude-code-via-injected
I’ve been using it for personal projects but surely large companies have _some_ way they’re trying to prevent security issues? For instance, I remember one company I worked at blocked us from installing VSCode extensions.