Is my source code sent to ShipSafe servers?

Never. ShipSafe runs entirely on your machine. Scans, analysis, and auto-fixes all happen locally. Your source code never leaves your computer. No account required. Works offline.

How do I install ShipSafe?

Run: npm install -g @shipsafe/cli. Then run 'shipsafe scan' in any project directory. That's it — zero configuration required.

What does ShipSafe detect?

ShipSafe has 1,200+ detection rules covering SQL injection (127 rules), XSS (143 rules), prompt injection (7 rules), command injection (89 rules), SSRF (67 rules), hardcoded secrets (174 patterns), insecure authentication (98 rules), malicious MCP servers (30 patterns), path traversal, insecure deserialization, and more.

How is ShipSafe different from Snyk or SonarQube?

ShipSafe runs entirely locally (Snyk requires cloud), has AI-specific security rules like prompt injection and malicious MCP server detection (unique to ShipSafe), strips image metadata, and includes an MCP server for AI coding assistants. It's built for solo developers and small teams who use AI coding assistants.

Can I use ShipSafe with Claude, Cursor, or other AI tools?

Yes. ShipSafe includes an MCP server with 8 tools that plug directly into Claude, Cursor, Windsurf, and any other MCP-compatible assistant. Your AI can check security while it writes code.

What is prompt injection and does ShipSafe detect it?

Prompt injection is when untrusted user input is passed directly into LLM prompts, allowing attackers to manipulate AI behavior. ShipSafe has 7 dedicated rules that detect unsanitized user input in LLM prompts, system prompt leakage, indirect prompt injection via retrieved content, and prompt template manipulation.

What are malicious MCP servers and how does ShipSafe detect them?

Malicious MCP servers are rogue AI tool servers that can steal credentials, exfiltrate code, or inject malicious prompts. ShipSafe's scan-environment command checks your MCP configurations, CLAUDE.md files, git hooks, and npm scripts for 30 threat patterns including credential theft, data exfiltration, and prompt injection.

Yes. The free tier includes full security scanning with 1,200+ rules, git pre-commit hooks, baseline/delta mode, and support for 1 project. Pro ($19/mo) adds knowledge graph analysis, auto-fix, monitoring, and MCP server. Team ($49/mo) adds GitHub App integration and source maps.

How does ShipSafe reduce false positives?

ShipSafe uses Tree-sitter AST analysis to understand code context — it knows whether a variable comes from user input and whether it's been sanitized before reaching a dangerous sink. This context-aware detection dramatically reduces false positives compared to regex-only scanners.

Is it safe to use claude --dangerously-skip-permissions with ShipSafe?

ShipSafe's git pre-commit hooks provide a safety net when using --dangerously-skip-permissions. Even if Claude Code writes insecure code in autonomous mode, ShipSafe blocks the commit if it contains hardcoded secrets or critical vulnerabilities. Install hooks with: shipsafe hooks install.

March 19, 2026

Using `--dangerously-skip-permissions` Safely with ShipSafe

Claude Code’s --dangerously-skip-permissions flag lets Claude run without asking for approval on file writes, command execution, and more. It is incredibly productive — and incredibly risky. Here is how ShipSafe makes it safer.

The Problem

When you run claude --dangerously-skip-permissions, Claude Code operates in fully autonomous mode. It can write files, run shell commands, install packages, and modify configurations — all without asking you first.

This is transformative for productivity. You describe what you want, go get coffee, and come back to a working feature. But it also means Claude can:

•Hardcode API keys or tokens in source files
•Write code with SQL injection, XSS, or other vulnerabilities
•Install packages with known vulnerabilities
•Commit and push insecure code without human review

The “dangerously” in the flag name is not a joke. Without guardrails, autonomous AI coding can ship security vulnerabilities at the speed of AI.

The Solution: Git Hooks as a Safety Net

ShipSafe’s git pre-commit hooks run automatically before every commit — including commits made by Claude Code in autonomous mode. Even if Claude writes insecure code, the hook catches it before it enters your git history.

Here is what happens:

# Claude writes code with a hardcoded API key...
# Claude runs: git add . && git commit -m "Add Stripe integration"

# ShipSafe pre-commit hook intercepts:

  CRITICAL  secrets/stripe-live-key
  src/payments.ts:3
  Stripe live secret key detected.

  Commit blocked. Fix the findings above and try again.

# The commit is rejected. The secret never enters git history.

Setup: 3 Commands

Before using --dangerously-skip-permissions, set up your safety net:

# 1. Install ShipSafe
npm install -g @shipsafe/cli

# 2. Install git hooks
shipsafe hooks install

# 3. Set a baseline (so you only see NEW issues)
shipsafe scan --baseline

That is it. Now every commit — whether from you or Claude — gets scanned automatically.

What the Hook Catches

The pre-commit hook scans for:

✓Hardcoded secrets — API keys, tokens, passwords for 50+ services
✓Critical vulnerabilities — SQL injection, command injection, SSRF
✓XSS patterns — dangerouslySetInnerHTML, innerHTML with user input
✓Prompt injection — unsanitized user input in LLM prompts
✓Image metadata — GPS coordinates and EXIF data in committed images

Claude + ShipSafe MCP: Even Better

For the best experience, add ShipSafe as an MCP server in your Claude Code configuration. This gives Claude direct access to security scanning while it writes code — it can check its own work before even trying to commit.

// In your MCP config (e.g., .mcp.json)
{
  "mcpServers": {
    "shipsafe": {
      "command": "shipsafe",
      "args": ["mcp-server"]
    }
  }
}

With the MCP server running, Claude can call shipsafe_scan to check for vulnerabilities, shipsafe_check_package before installing dependencies, and shipsafe_scan_environment to verify the development environment is safe.

The Layered Defense

Using --dangerously-skip-permissions with ShipSafe gives you three layers of defense:

Layer 1: MCP Server (proactive)

Claude checks security while writing code. Issues are caught and fixed before they are even staged.

Layer 2: Pre-commit Hook (reactive)

Every commit is scanned automatically. Secrets and critical vulnerabilities block the commit.

Layer 3: Manual Scan (verification)

Run shipsafe scan at any time for a full project audit.

The Bottom Line

--dangerously-skip-permissions is the future of AI-assisted development. The productivity gains are too large to ignore. But shipping code without guardrails is reckless. ShipSafe gives you the safety net that makes autonomous AI coding responsible.

Ship Fast. Ship Safe.

Set up your safety net in 30 seconds.

npm install -g @shipsafe/cli && shipsafe hooks installGet Started Free

Using --dangerously-skip-permissions Safely with ShipSafe