Mozilla 0DIN Claude Code Case Study 2026

Mozilla 0DIN Claude Code Case Study 2026: Clean Repos, Reverse Shells, and Agent Sandboxing

Introduction — The Clean Repo Paradox In late June 2026, Mozilla’s 0DIN research team published something that should make every developer using AI coding agents stop and think. They demonstrated a full reverse shell compromise against Claude Code using a GitHub repository that contained zero lines of malicious code. No obfuscated JavaScript. No hidden base64 payloads. No suspicious imports. The repo would pass any code review, any SAST scanner, any human eyeball. And yet, when Claude Code opened it and followed the README instructions, a reverse shell connected back to the attacker within seconds. ...

July 7, 2026 · 9 min · baeseokjae