GuardFall Exposes Open-Source AI Coding Agents to Decades-Old Shell Injection Risks
AI summary
Researchers at Adversa AI have discovered a vulnerability, dubbed GuardFall, that allows attackers to bypass safety checks in open-source AI coding agents. This is done using a shell injection technique that has been publicly known for decades. The vulnerability was tested against eleven popular open-source coding and computer-use agents, and it was found to be effective against ten of them. The only exception was an agent called Continue, which was resistant to the bypass. The GuardFall vulnerability exploits a weakness in the safety checks that are supposed to prevent AI coding agents from running dangerous commands.
This is an AI-generated brief aggregated by HackerFeeds for convenience and grounded in the source’s own summary; the related CVE, threat-group and country data is from HackerFeeds’ own indexes. The original article is the authoritative source — all rights belong to The Hacker News.

