<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
  <channel>
    <title>Security on Blog</title>
    <link>/tags/security/</link>
    <description>Recent content in Security on Blog</description>
    <generator>Hugo</generator>
    <language>en</language>
    <lastBuildDate>Thu, 11 Jun 2026 13:21:09 +1000</lastBuildDate>
    <atom:link href="/tags/security/index.xml" rel="self" type="application/rss+xml" />
    <item>
      <title>Claude Code Plugins: A New Attack Surface</title>
      <link>/posts/claude-code-plugins-attack-surface/</link>
      <pubDate>Thu, 11 Jun 2026 13:21:09 +1000</pubDate>
      <guid>/posts/claude-code-plugins-attack-surface/</guid>
      <description>&lt;p&gt;AI coding assistants have rapidly evolved from simple autocomplete engines into fully autonomous agents capable of executing code, managing files, and spawning subprocesses on behalf of the developer. Claude Code, Anthropic&amp;rsquo;s terminal-based coding agent, ships with a plugin ecosystem that significantly extends this capability surface. That same extensibility introduces a set of security concerns worth examining in detail.&lt;/p&gt;&#xA;&lt;p&gt;This post covers the Claude Code plugin architecture from a security perspective: marketplaces, skill injection, hooks as a shell execution primitive, process tree inheritance, and the TCC permission model on macOS.&lt;/p&gt;</description>
    </item>
  </channel>
</rss>
