DEV Community

Achin Bansal
Achin Bansal

Posted on • Originally published at gridthegrey.com

Prompt Injection Attacks Claude Code and Codex Execution

Forensic Summary

Researchers at the AI Now Institute have demonstrated a proof-of-concept attack dubbed 'Friendly Fire' that tricks AI coding agents — specifically Anthropic's Claude Code and OpenAI's Codex in autonomous mode — into executing malicious binaries while performing routine security reviews. The attack embeds a disguised payload inside an open-source library and uses a plain README.md instruction to direct the agent to run a malicious shell script, bypassing existing trust-prompt defences. Because the weakness is architectural rather than version-specific, no patch exists; mitigation requires workflow changes.


Read the full technical deep-dive on Grid the Grey: https://gridthegrey.com/posts/friendly-fire-claude-code-and-codex-run-attacker-code-via-readme/

Top comments (0)