Agents
Friendly Fire: auto-approve coding agents run attacker code during security scans
The AI Now Institute demonstrated 'Friendly Fire' in July 2026: AI coding agents running in autonomous, self-approving mode can be tricked into executing attacker code precisely when asked to scan untrusted third-party code for vulnerabilities. Prompt injections seeded across ordinary repo files steer Claude Code and OpenAI Codex into running attacker-controlled commands during what looks like a routine security review. The finding shows that pointing an auto-approve agent at hostile code is itself the vulnerability.
Source
↳ Follow the thread