Approve Once, Exploit Forever: The Trust Persistence Vulnerability Vendors Will Not Fix
📰 Dev.to · Toni Antunovic
Claude Code, Codex CLI, and Gemini-CLI share a TOCTOU trust model that lets a single malicious commit permanently own every future agent session. All three vendors closed the report as informational. Here is what your team can do instead.
DeepCamp AI