A software developer embedded a malicious command into code written by an AI coding assistant, then released it to show how easily these tools can be sabotaged. The developer planted what's called a prompt injection—hidden instructions that make the AI do something unintended—into code meant to delete data. This happened at a company using popular AI coding tools that help programmers write software faster.
AI coding assistants like GitHub Copilot and similar tools have become common in software development over the past two years. Programmers use them to speed up their work, but the tools learn from vast amounts of existing code and follow instructions from users. When someone sneaks hidden commands into code, the AI can pass them along without catching the problem, just like a person copying instructions without reading them carefully.
Any company using AI-generated code without checking it carefully could be affected. This includes banks, hospitals, tech companies, and government agencies that rely on software built with AI assistance. Developers who trust AI code without reviewing it line by line now face a real risk of accidentally releasing sabotaged software into their systems.
Software companies and AI makers are now racing to add safety checks to these tools. GitHub and other companies that make AI coding assistants said they are working on better ways to spot hidden commands and suspicious code. The developer who exposed this vulnerability did so publicly to push for stronger security, similar to how security researchers sometimes release information about problems to force companies to fix them faster.