AI coding agents face new threat from invisible supply-chain attacks
A tool that converts any open-source repo into an AI agent interface now highlights a critical security blind spot. Researchers warn that malicious instruction files could bypass existing defenses, creating a new attack vector for supply-chain compromises.