Part 4/14:

A significant concern lies in headless or headless-like operations that enable run-on-demand execution—sometimes referred to as "YOLO" mode—allowing arbitrary commands to execute during CI/CD tasks. To facilitate AI integrations, Gemini CLI needs to run in this permissive mode, but it introduces a dangerous vector: if malicious code finds its way into configuration files like settings.json, it can execute arbitrary system commands with high privileges.