DEV Community

Harshit Negi
Harshit Negi

Posted on

The Age of AI companions

Productive ? Yes. Secure ? Well, that depends…

A software developer working at a desk with a dual-monitor setup in a modern office. The right monitor displays a code editor and a rising productivity graph. The left monitor highlights a security warning with a glowing red, broken digital padlock icon, surrounded by the text
The hidden security trade-offs of unverified AI dependencies.

A timeline of Events

  • Feb 2022 : Aqua Security discovered that by exploiting AI coding tools’ hallucinations while suggesting packages and downloading similar package name dependencies, hackers were making random malicious packages and publishing them on npm and PyPI which would then be downloaded as regular dependencies.
  • June 2025 :  ‘Camoleak’, a vulnerability in Github copilot, caused hidden instruction in PRs in public repositories to steal user’s data by generating a series of pixelated images.
  • July 2025 : Replit’s AI coding assistant, despite ongoing code freeze, deletes records for 1,206 executives and nearly 1,200 companies. In another incident in the same month Github Copilot fell victim to an attack in which it executed malicious instructions hidden inside code repos, which upon reading activated the ‘auto approve’ or YOLO mode, allowing it to execute any command without any permissions on the user’s system.
  • June 2026  :  A severe vulnerability was found in Github that allowed attackers to steal your private data. Initially a hidden instruction, it utilised the fetch_webpage utility to access files outside of the user's local workspace.

Fast forward to today,  I received my infosec training at my new workplace to understand phishing emails, physical security (shoulder surfing, badge access), password hygiene, and safe usage of company data.

A Random Movie Quote

In Top Gun: Maverick, where Tom Cruise’s character on his first day as instructor initially shows the trainees the F-18 Fighter jet manual for ‘standard operating procedures’ before throwing it in the trash, explaining that the enemy knows about it just as well as the trainees do.

A first-person perspective looking out from the cockpit of an F-18 fighter jet, showing detailed digital instrument panels, green radar displays, and the control stick. A pilot's helmet rests on the edge of the cockpit frame next to a thick, heavily scuffed manual with the words
Standard operating procedures only work if the environment is predictable.

The Era of AI coding Agents

Before the age of AI-companions, the skepticism with unknown code and binaries was very well understood, and hence reading and reviewing information before putting it anywhere near their codebase was the norm-well, most of the time. With the advent of coding agents, simply opening or reading a vulnerable repo or a file can trigger hidden instructions that are read and unintentionally executed by AI coding agents, exposing your and your organisation’s data to unintended users and systems over the internet, and that too in the blink of an eye.

While many vulnerabilities in AI coding agents and companions are being discovered and patched as soon as they are identified, many still lurk in the shadows. With the pressure currently being put on by company management to increase the efficiency and maximise output with AI, the developers are put into a standoff between productivity and security. They are under constant pressure to find a middle way, and with the outdated security and awareness regarding these threats, productivity and fast execution take over and win - well, most of the time.

Leaders must Lead

Company leadership must understand the risks while spending heavily on such tools, and should have regular open communication with middle management and developers. This saves them from the dilemma, that while things may seem fine for now, putting constant pressure towards increasing productivity can become counter productive in a moment, as even a single security incident can damage decades worth of reputation, trust, and brand value for a firm.

Quoting Alexander Pope, “a little learning is a dangerous thing”, organisations should provide training related to such tools before they apply mandates for the usage of AI coding tools and companions, so that both the advantages and risks associated with them are provided to individuals. This will help them not only in understanding the tools better, but also mitigating and avoiding any risks that may come along the way while working with them.

Devs: Execute and Communicate

As developers, we should always be transparent about our usage and dependence, as well as our efficiency with AI tools. Misquoting AI’s tools usage, and applied use case numbers to leadership just to ‘please’ them, and puts pressure on peers to escape ‘FOMO’ by blindly using tools in tasks without having enough appropriate knowledge.

We should always ensure while working that configuration rules for scripts, background shell commands and workspace edits always require human verification popups.

Whether summarising external code elements, branches, or README files, always verify their legitimacy first. Always review and supervise their work, make sure they ask for permission before executing tasks, and verify the approach before installing new dependencies in our code.

A developer wearing glasses stands in a workspace next to a translucent, glowing humanoid robot representing an AI agent. They are interacting with a floating holographic interface displaying lines of code. A prominent modal window in the center reads:
Shifting the developer’s role from code writer to supervisor.

Conclusion

AI coding tools are great, and words cannot describe how well they have integrated themselves in our workflows and helped in our productivity, turning days into hours, and hours to mere minutes. Powerful, Yes. Responsible ? That’s on us!

A wide view of a modern security command center featuring massive, curved panoramic screens. The screens display a sprawling network topology with thick blue-green data streams indicating high productivity. Interspersed within the network are chaotic, bright orange clusters labeled with warning tags like
Navigating the delicate balance between high output and systemic risk.

Quoting Spider-Man “With great power comes great responsibility”. The fact that most of these incidents are mainly caused by haste, unsupervised and unverified approvals and minimal due diligence is more than enough to solidify our role as not a developer anymore, but more of a supervisor or reviewer, with the AI code companion being a junior or a protege under our command. And since we would not just hand out the responsibility of keys to sensitive company data to an inexperienced person no matter how much potential they hold, we should follow the same approach with AI coding agents as well.

This post was written by me and AI was used for grammer and reference images for this post.

Top comments (0)