Search papers, labs, and topics across Lattice.
The paper investigates prompt injection attacks targeting agentic AI coding assistants that leverage external artifacts. It finds that malicious instructions embedded in these artifacts can successfully hijack the assistants, enabling attackers to execute arbitrary commands. The study also evaluates the efficacy of existing defenses, highlighting their limitations and proposing avenues for future research to mitigate these vulnerabilities.
Agentic AI coding assistants are alarmingly susceptible to prompt injection attacks via external artifacts, effectively turning them into remote shells for attackers.
Agentic AI coding assistants can edit files, run commands, and access the internet on behalf of developers. However, their reliance on unvetted external artifacts introduces a new attack vector. Hidden instructions in external artifacts can hijack these assistants, turning them into an attacker's shell to run unauthorized commands. In this article, we examine how these prompt injection attacks work, measure their prevalence, discuss the limitations and challenges of current defenses, and suggest future research directions.
