RE: https://mastodon.social/@campuscodi/116154291574332497
> We're entering an era where AI agents attack other AI agents. In this campaign, an AI-powered bot tried to manipulate an AI code reviewer into committing malicious code. The attack surface for software supply chains just got a lot wider.
@cwebber On the other hand, the successful attacks listed in this article were carried out against CI scripts not sanitizing inputs, and allowing PR changes to scripts to be executed, and too much network access for the scripts—all of which did not include an AI coding agent on the repository side. The one attack that tried to fool the AI PR agent was the one that failed. So one could argue that the AI PR agent was the one that performed the best against this attack!
NB I’m *not* advocating for AI PR agents. Far from it. I think they should be treated with suspicion.
Christine Lemmer-Webber
Dave Rahardja