Forensic Summary
Researchers at the AI Now Institute have demonstrated a proof-of-concept attack dubbed 'Friendly Fire' that tricks AI coding agents — specifically Anthropic's Claude Code and OpenAI's Codex in autonomous mode — into executing malicious binaries while performing routine security reviews. The attack embeds a disguised payload inside an open-source library and uses a plain README.md instruction to direct the agent to run a malicious shell script, bypassing existing trust-prompt defences. Because the weakness is architectural rather than version-specific, no patch exists; mitigation requires workflow changes.
Read the full technical deep-dive on Grid the Grey: https://gridthegrey.com/posts/friendly-fire-claude-code-and-codex-run-attacker-code-via-readme/
Top comments (0)