GuardFall: a universal shell injection vulnerability in open-source AI agents
Adversa AI reports that common pattern-based shell guards in open-source AI coding agents can be bypassed with decades-old Bash quoting and expansion tricks, letting poisoned repositories, README files, or Makefiles turn agent command execution into a developer credential and supply-chain risk.
Source: Adversa