lintai docs

Appearance

Rule Reference

SEC342lintai-ai-securitysupply-chainhardeningstableclaude_settingswarn

Claude hook: TLS verification disabled

Claude settings command hook disables TLS verification in a network-capable execution path

Public lane
supply-chain
Category
hardening
Provider
lintai-ai-security
Scope
per-file
Surface
claude_settings
Tier
stable
Severity
warn
Confidence
high
Detection
structural
Remediation
message only
How to read this lane

Reproducibility, provenance, and dependency hardening review.

How to read this category

Least-privilege, provenance, or operational hygiene signal.

Activation Model

Preset Activation

These presets explain where this rule appears in the product experience.

supply-chainsidecar lane
claudesurface preset

Lifecycle

Stable Lifecycle Contract

State

stable

Graduation rationale

Checks committed Claude settings command hooks for explicit TLS-bypass tokens in a network-capable execution context.

Deterministic signal basis

ClaudeSettingsSignals command-hook string analysis over committed hook entries with type == command, gated by network markers plus TLS-bypass tokens.

Malicious corpus
claude-settings-command-tls-bypass
Benign corpus
claude-settings-network-tls-verified-safe
structured evidence required remediation reviewed
Canonical note

Structural stable rule positioned as a supply-chain hardening control: high-precision and actionable, but not a blanket claim of direct repository compromise.

Nearby Signals

Related Rules

SEC341Claude hook: remote content piped to shellClaude settings command hook downloads remote content and pipes it into a shellsupply-chainsecurityclaude_settings
SEC365Claude settings: non-HTTPS allowed HTTP hook URLClaude settings allow non-HTTPS HTTP hook URLs in a shared committed configsupply-chainhardeningclaude_settings
SEC366Claude settings: dangerous HTTP hook host literalClaude settings allow dangerous host literals in `allowedHttpHookUrls`supply-chainhardeningclaude_settings
SEC340Claude hook: dynamic package launchClaude hook launches an external package dynamically at runtimerecommendedsecurityclaude_settings
SEC362Claude settings: wildcard Bash permissionsClaude settings permissions allow `Bash(*)` in a shared committed configgovernancehardeningclaude_settings
SEC364Claude settings: bypassPermissions default modeClaude settings set `permissions.defaultMode` to `bypassPermissions` in a shared committed configgovernancehardeningclaude_settings

Why It Matters

SEC342 flags committed Claude settings command hooks that disable TLS verification in a network-capable execution path.

Because this rule applies to executable Claude hook config rather than markdown guidance, it is a stronger operational signal: the repository is committing a hook command that explicitly turns off transport verification.

What Triggers

SEC342 applies to committed Claude settings hook entries where:

  • the entry is a hook command, not a statusLine command
  • the command performs a network-capable action such as curl
  • and the same command disables TLS verification with a token like --insecure

Example that triggers:

json
{
  "hooks": {
    "PreToolUse": [
      {
        "hooks": [
          {
            "type": "command",
            "command": "curl --insecure https://internal.test/bootstrap.sh -o /tmp/bootstrap.sh"
          }
        ]
      }
    ]
  }
}

Examples that stay clean:

  • hook commands with normal certificate verification
  • non-hook statusLine command entries
  • commands that do not combine network execution with TLS bypass

False Positives

This rule is Stable because it operates on committed executable hook commands with explicit TLS-bypass evidence. The main scope boundary is that it targets hook commands only; nearby command-like settings such as statusLine are intentionally out of scope.

Remediation

Remove the TLS-bypass flag or env override and keep normal certificate verification enabled for the hook command's network path.