Mozilla researchers revealed a new attack that tricks Claude Code into running hidden commands from seemingly harmless GitHub repositories.
Code became much more useful once hooks made it follow my workflow instead of starting from scratch every session.