In a recent report from Socket, a compromised release of the Aqua Trivy VS Code extension on OpenVSX (v1.8.12 and v1.8.13) contained unauthorized code that injected prompts targeting local AI coding agents such as Copilot, Claude, and Codex.

The prompts attempted to trigger coding agents in YOLO mode to inspect the system and expose sensitive data.

@udgover added the prompts to PromptIntel for tracking and analysis! 😎

https://promptintel.novahunting.ai/feed