Top AI Agents Built to Catch Malicious Code Can Be Tricked Into Running It

Summary

A new proof-of-concept called 'Friendly Fire' demonstrates that AI coding agents, such as Anthropic's Claude Code and OpenAI's Codex, can be tricked into executing malicious code when tasked with scanning for security vulnerabilities. This occurs when these agents are operating in an autonomous mode that allows them to approve their own code execution.

IFF Assessment

FOE

This discovery represents a new attack vector that could be used to compromise systems by tricking AI tools designed for defense into performing harmful actions.

Defender Context

Defenders need to be aware that AI agents used for code analysis and security scanning are not infallible and can be manipulated. This highlights the importance of rigorous testing and sandboxing of AI tools, especially when they have autonomous execution capabilities, to prevent them from becoming attack vectors themselves.

Read Full Story →