Decades-Old Bash Tricks Expose AI Coding Agents to Supply Chain Attacks

Adversa AI discovered GuardFall, a structural flaw in multiple open source AI agents that lets malicious Bash instructions slip past pattern-based guards and execute with the operator’s authority. The issue can expose secrets, exfiltrate AWS credentials, or damage development environments through poisoned content such as README files, Makefiles, or MCP server data. #GuardFall #AdversaAI #Bash #Continue #Hermes #OpenCode #Roo-code #NousResearch

Key Points

  • GuardFall is a structural flaw in open source AI agents.
  • Malicious Bash tricks can bypass regex-based shell guards.
  • Poisoned repository files can trigger destructive command execution.
  • Most tested agents failed to block the Bash trick classes.
  • Continue was the only agent that stopped all tested bypasses.

Read More: https://www.securityweek.com/decades-old-bash-tricks-expose-ai-coding-agents-to-supply-chain-attacks/