
Vulnerabilities from the last week
Missing Authentication for Critical Function
@gitlawb/openclaude (OpenClaude) opens coding-agent workflows to any LLM: OpenAI, Gemini, DeepSeek, Ollama, and 200+ models
Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the BashTool input schema, which exposes the dangerouslyDisableSandbox parameter, in addition to unsandboxed commands (allowUnsandboxedCommands) being allowed by default. An attacker can execute arbitrary commands on the host system by manipulating the input to disable sandboxing, leading to full host-level code execution, file access, and potential exfiltration of sensitive data.
Cross-site Scripting (XSS)
local-deep-research is an AI-powered research assistant with deep, iterative analysis using LLMs and web searches
Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the PDFService._markdown_to_html() function. By injecting specially crafted HTML tags into user-controlled input fields that are rendered during PDF export, an attacker can cause the server to make unauthorized HTTP requests to internal or external resources and potentially access sensitive information. This can also corrupt the document structure, leading to incorrect rendering or denial of service for the export functionality.
Incorrect Check of Function Return Value
Affected versions of this package are vulnerable to Incorrect Check of Function Return Value in the "second factor" flow: FinishAssertionSteps fails to cross-check the verified credential handle against the requested username when no userHandle is found for that username during the initial lookup. An attacker can exploit this flaw to impersonate another user and gain unauthorized access.
Recent vulnerabilities disclosed by Snyk
- [H] Command Injection in degit (npm)
- [C] Malicious Package in moustick (npm)
- [C] Malicious Package in cookie-parser-legacy (npm)
- [M] Arbitrary File Write via Archive Extraction (Zip Slip) in decompress (npm)
- [H] CSV Injection in json-2-csv (npm)
Snyk security researchers have disclosed 3497 vulnerabilities.
About Snyk dependencies vulnerability database
Snyk is a developer security platform. Integrating directly into development tools, workflows, and automation pipelines, Snyk makes it easy for teams to find, prioritize, and fix security vulnerabilities in code, dependencies, containers, and infrastructure as code. Supported by industry-leading application and security intelligence, Snyk puts security expertise in any developer's toolkit.