News: 0184300938

  ARM Give a man a fire and he's warm for a day, but set fire to him and he's warm for the rest of his life (Terry Pratchett, Jingo)

Decades-Old Bash Tricks Expose AI Coding Agents To Supply Chain Attacks (securityweek.com)

(Saturday July 04, 2026 @11:34AM (EditorDavid) from the big-Bash-theory dept.)


Slashdot reader [1]wiredmikey writes:

> AI security researchers have uncovered a structural security flaw [2]dubbed GuardFall that allows decades-old Bash shell tricks to bypass safeguards in most open source AI coding agents. By exploiting shell behaviors such as quote removal and variable expansion, attackers can hide malicious commands in repositories, README files, Makefiles, or other content consumed by AI agents. If executed — particularly in auto-approve or CI environments—the commands can steal credentials, compromise developer systems, or enable software supply chain attacks. [3]According to researchers at Adversa AI , the 11 popular open source AI coding agents tested, only one successfully blocked all of the Bash trick techniques.



[1] https://slashdot.org/~wiredmikey

[2] https://www.securityweek.com/decades-old-bash-tricks-expose-ai-coding-agents-to-supply-chain-attacks/

[3] https://adversa.ai/blog/opensource-ai-coding-agents-shell-injection-vulnerability/



cat food (Score:2)

by commodore73 ( 967172 )

cat: cannot open food

Re: (Score:2)

by Zocalo ( 252965 )

I was thinking something more malicious, like:

:(){ :|:& };:

cat & food (Score:2)

by Fly Swatter ( 30498 )

now you have a cat lurking in the background.

Attitude (Score:3)

by glum64 ( 8102266 )

In my exerience, the share of programmers that (a) understand that shell is a programming language and not some weird command prompt, and (b) take the time and invest the effort required to learn it properly is surprisingly small.

A synonym is a word you use when you can't spell the word you first
thought of.
-- Burt Bacharach