Ask an AI coding agent to scan open-source code for security holes, and it might run the attacker’s code on your own machine instead.
That is the finding in a proof-of-concept published Wednesday by the AI Now Institute, an attack it calls « Friendly Fire. » It works against Anthropic’s Claude Code and OpenAI’s Codex when either is running in an autonomous mode that approves its own
