Pattern: AI Coding Agent Security Now Requires Defending the CI/CD Layer, Not Just the Code Layer
Multiple·high signal
Three concurrent events this week — LiteLLM backdoor via Trivy, OpenCode RCE (CVE-2026-22812), and the continuing MCP shadow IT problem (Qualys: 53% rely on static secrets) — establish that the attack surface for AI coding agents has expanded from 'prompt injection in the model' to 'compromise the entire toolchain around the model.' Defenders now need to audit package managers, CI/CD security scanners, MCP servers, and coding agent CLIs as a unified threat surface.