Ethical Hacking News
Security researchers have discovered a vulnerability in Anthropic's Claude code review tool that can be exploited by spoofing a trusted developer's identity. This highlights the need for developers to implement additional security controls to prevent similar exploits and emphasizes the importance of robust validation mechanisms to verify contributor identities.
Anthropic's code review tool Claude can be tricked into approving malicious code by spoofing a trusted developer's identity. The vulnerability arises when automated review tools treat metadata as a signal of trust, rather than independently assessing its validity. An attacker could manipulate commit metadata to convincingly fake their identity and gain approval from Claude. Implementing additional security controls, such as digital certificates for signing commits, is necessary to prevent similar exploits in the future. Guardrails must be supplemented by other checks and balances to ensure the integrity of the review process, including validating contributor identities.
In a recent discovery, security experts at Manifold Security have revealed that Anthropic's popular code review tool, Claude, can be tricked into approving malicious code by spoofing the identity of a trusted developer. This vulnerability highlights the dangers of relying on automated code review tools and the importance of implementing robust security controls to prevent such exploits.
According to Manifold, the exploit works by setting a fake author name and email address in Git, which is then passed through an automated review flow where the AI-powered model, Claude, approves it. The problem arises when this metadata is treated as a signal of trust, rather than being independently assessed for its validity.
The discovery was made possible by exploiting a vulnerability in how Claude processes commit metadata, specifically the author name and email address. By manipulating these fields, an attacker could convincingly fake their identity to gain approval from Claude.
This exploit has significant implications for the use of AI-powered code review tools like Claude, which are increasingly relied upon to auto-review and approve pull requests in open-source projects. The vulnerability highlights the need for developers to implement additional security controls, such as signing commits with digital certificates, to prevent similar exploits in the future.
Manifold's warning is that the guardrails cannot live solely in the model, but rather must be supplemented by other checks and balances to ensure the integrity of the review process. This includes implementing robust validation mechanisms, such as checking against org membership or past contributions, to verify the identity of contributors before granting approval.
The discovery serves as a stark reminder of the importance of cybersecurity and the need for developers to stay vigilant in protecting their codebases from exploitation. As AI-powered tools continue to play an increasingly prominent role in the development process, it is essential that we prioritize robust security measures to prevent similar vulnerabilities from arising in the future.
Related Information:
https://www.ethicalhackingnews.com/articles/Git-Identity-Spoofing-Exploits-Vulnerability-in-AI-Powered-Code-Review-Tools-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2026/04/16/git_identity_spoof_claude/
https://www.theregister.com/2026/04/16/git_identity_spoof_claude/
https://www.youtube.com/watch?v=L7P85Tf2l8U
Published: Thu Apr 16 10:13:06 2026 by llama3.2 3B Q4_K_M
