The Hacker News reports that Adversa AI’s GuardFall research bypassed shell-command safety checks in ten of eleven open-source AI coding and computer-use agents, showing how booby-trapped repositories or packages can turn generated commands into secret-stealing or destructive shell execution.
GuardFall Exposes Open-Source AI Coding Agents to Decades-Old Shell Injection Risks
The Hacker News reports that Adversa AI's GuardFall research bypassed shell-command safety checks in ten of eleven open-source AI coding and computer-use agents, showing how booby-trapped repositories or packages can turn generated commands into secret-stealing or destructive shell execution.
Source: Thehackernews