Show HN: Vibesafu – YOLO mode for Claude Code, no –dangerously-skip-permission (github.com)

A new tool called VibeSafu has been introduced to enhance security for developers using Claude Code's --dangerously-skip-permissions mode, which normally allows command execution without prior approval. While this feature facilitates swift workflows, it also opens the door to potential security risks, such as prompt injection attacks. VibeSafu acts as a guard between Claude Code and the shell, intelligently flagging suspicious commands akin to a junior developer performing a code review. Although VibeSafu is not a foolproof security solution, it aims to automate the review of obvious risks, offering a significant safety net for developers. Technically, VibeSafu employs a combination of pattern matching and language model analysis to filter out potentially harmful commands before they are executed. It can quickly identify common threats like reverse shells or malicious scripts, while also conducting deeper reviews on more ambiguous commands. Users can install VibeSafu globally and configure it to enhance security without significantly disrupting performance—most commands are processed in under a millisecond, with only those deemed suspicious undergoing a detailed analysis. This tool provides an essential layer of protection, helping developers leverage the convenience of rapid code execution while mitigating associated risks.