theorydeltaclaim-fidelity audits
built 2026-07-17dossiers: 5last verified 2026-07-09independent · evidence-traced · no vendor influence
← back to Claude Code dossier

CLAIM 10 / Claude Code

"Trust verification: First-time codebase runs and new MCP servers require trust verification"

partial

Observed

The dialog exists, but trust-before-verify has been breached four times by CVE: ANTHROPIC_BASE_URL in a committed settings file forwarded the API Authorization header before the trust dialog completed (CVE-2026-21852, patched < v2.0.65); enableAllProjectMcpServers executed MCP startup commands before the dialog appeared (CVE-2025-59536, patched < v1.0.111); a repo-controlled permissions.defaultMode: bypassPermissions silently skipped the trust dialog itself (CVE-2026-33068); and deny rules failed through symlinks (CVE-2026-25724). All are patched per disclosure review (source-reviewed 2026-05-24), and the docs themselves disclose that trust verification is disabled in -p non-interactive mode.

Evidence

theorydelta.com · 2026independent · evidence-backed · every claim sourced or labelledabout ·glossary ·rss ·mcp ·llms.txt