Code-Agents

Direct prompt injection is just the beginning. Higher-order attacks manipulate agents into producing malicious code, propagating intent across systems, and persisting vulnerabilities long-term.

If your AI code agent treats repository content as instructions, any contributor can execute commands. This article maps the direct injection attack surface and practical defenses.