We found a 1-click RCE in Block's Goose AI agent - any website could silently execute commands on your machine.
How MCP Authentication Flaws Enable RCE in Claude Code, Gemini CLI, and More
