From 3f42f079b698233c835b37abade2567ff56ae829 Mon Sep 17 00:00:00 2001
From: Danny Kopping <dannykopping@gmail.com>
Date: Fri, 23 May 2025 11:38:28 +0200
Subject: [PATCH] chore: add security notice for
 "--dangerously-skip-permissions"

Signed-off-by: Danny Kopping <dannykopping@gmail.com>
---
 registry/coder/modules/claude-code/README.md | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/registry/coder/modules/claude-code/README.md b/registry/coder/modules/claude-code/README.md
index f6b3b2a93..9a0437abc 100644
--- a/registry/coder/modules/claude-code/README.md
+++ b/registry/coder/modules/claude-code/README.md
@@ -22,6 +22,11 @@ module "claude-code" {
 }
 ```
 
+> **Security Notice**: This module uses the [`--dangerously-skip-permissions`](https://docs.anthropic.com/en/docs/claude-code/cli-usage#cli-flags) flag when running Claude Code. This flag
+> bypasses standard permission checks and allows Claude Code broader access to your system than normally permitted. While
+> this enables more functionality, it also means Claude Code can potentially execute commands with the same privileges as
+> the user running it. Use this module _only_ in trusted environments and be aware of the security implications.
+
 ## Prerequisites
 
 - Node.js and npm must be installed in your workspace to install Claude Code