


Perceptive Security
SOC/SIEM Consultancy

CodeWhale is a DeepSeek + MiMo coding agent in terminal. Prior to 0.8.26, the task_create tool spawns durable sub-agents that inherit two insecure defaults, all…
Published:
27 May 2026 at 22:00:00
Alert date:
28 May 2026 at 19:09:38
Source:
nvd.nist.gov
Security Tools, Supply Chain & Dependencies
CodeWhale coding agent versions prior to 0.8.26 contain a privilege escalation vulnerability where the task_create tool spawns sub-agents with insecure defaults. Two critical settings default to true: allow_shell and auto_approve. When users approve what appears to be a benign task creation request, spawned sub-agents silently receive unrestricted shell access without additional approval. The vulnerability stems from insecure default configurations in config.rs and task_manager.rs files. This allows potential unauthorized command execution through seemingly legitimate task approval workflows. The issue has been resolved in version 0.8.26.
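The advisory turns on two configuration defaults (allow_shell and auto_approve) and on an approval prompt that does not surface what the sub-agent will be allowed to do. The Rust snippet below is an added illustration written for this page, not CodeWhale's code or the fix shipped in 0.8.26: it places a hypothetical "legacy" config with the insecure defaults beside a hardened one where every privileged capability is opt-in, and shows an approval gate that refuses to spawn a privileged sub-agent unless the user approved a prompt that names those capabilities. Only the two field names come from the advisory; the struct names, the prompt wording and the `may_spawn` gate are assumptions.

```rust
// Added illustration (not CodeWhale's code): secure-by-default sub-agent
// configuration versus one that silently grants shell access. The field
// names allow_shell / auto_approve come from the advisory; every other
// name here is hypothetical.

/// Hypothetical insecure variant: the defaults the advisory describes.
#[derive(Debug, Clone, PartialEq)]
pub struct LegacySubAgentConfig {
    pub allow_shell: bool,
    pub auto_approve: bool,
}

impl Default for LegacySubAgentConfig {
    fn default() -> Self {
        // Both true: a sub-agent built with `..Default::default()` gets
        // shell access and skips approval without the user being told.
        Self { allow_shell: true, auto_approve: true }
    }
}

/// Hardened variant: `#[derive(Default)]` yields `false` for both flags,
/// so shell access and auto-approval must be requested explicitly.
#[derive(Debug, Clone, PartialEq, Default)]
pub struct SubAgentConfig {
    pub allow_shell: bool,
    pub auto_approve: bool,
}

/// What a task-creation request carries to the approval step.
#[derive(Debug, PartialEq)]
pub struct SpawnRequest {
    pub task: String,
    pub config: SubAgentConfig,
}

impl SpawnRequest {
    /// True when approving this request grants the sub-agent more than
    /// the task text alone suggests.
    pub fn is_privileged(&self) -> bool {
        self.config.allow_shell || self.config.auto_approve
    }

    /// The text a UI should show: the capability list is part of the
    /// prompt, so shell access can never be approved "silently".
    pub fn approval_prompt(&self) -> String {
        let mut caps = Vec::new();
        if self.config.allow_shell {
            caps.push("shell access");
        }
        if self.config.auto_approve {
            caps.push("auto-approve further actions");
        }
        if caps.is_empty() {
            format!("Create task '{}' (no extra privileges)?", self.task)
        } else {
            format!("Create task '{}' WITH: {}?", self.task, caps.join(", "))
        }
    }
}

/// Gate for a hypothetical task manager: a privileged spawn proceeds only
/// if the user approved the exact prompt that lists its capabilities.
/// An unprivileged spawn needs no prompt at all.
pub fn may_spawn(req: &SpawnRequest, approved_prompt: Option<&str>) -> bool {
    match approved_prompt {
        Some(p) => p == req.approval_prompt(),
        None => !req.is_privileged(),
    }
}

fn main() {
    let legacy = LegacySubAgentConfig::default();
    println!("legacy defaults: {:?}", legacy);

    let req = SpawnRequest {
        task: "summarize repo".into(),
        config: SubAgentConfig::default(),
    };
    println!("{}", req.approval_prompt());
    println!("may spawn without a prompt: {}", may_spawn(&req, None));

    let shell_req = SpawnRequest {
        task: "summarize repo".into(),
        config: SubAgentConfig { allow_shell: true, auto_approve: false },
    };
    println!("{}", shell_req.approval_prompt());
    println!("may spawn without a prompt: {}", may_spawn(&shell_req, None));
}
```

The design point is that the approval text is derived from the capability set, and the gate compares against that derived text rather than against the task name alone; a request whose config was changed after the user saw the prompt therefore fails the comparison instead of inheriting shell access.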
Technical details
Mitigation steps:
Affected products:
CodeWhale
Related links:
https://nvd.nist.gov/vuln/detail/CVE-2026-45374
https://github.com/Hmbown/CodeWhale/security/advisories/GHSA-72w5-pf8h-xfp4
https://github.com/Hmbown/DeepSeek-TUI/releases/tag/v0.8.26
Related CVEs:
Related threat actors:
IOCs:
This article was created with the assistance of AI technology by Perceptive.
