AI Systems看中文版

Agentjacking: how a fake bug report hijacks your coding agent

Agentjacking is an attack disclosed in June 2026: an attacker plants a fake error report, your AI coding agent reads it as instructions, and runs their code with your credentials. The nasty part is that telling the agent to ignore untrusted input doesn't stop it, and your security tools see nothing wrong.

2026-07-06 · 3 min read · 1433 words · KbWen · EN
AI SystemsRead in English

Agentjacking:一封假錯誤報告,就能讓 coding agent 替駭客跑指令

Agentjacking 是 2026 年 6 月揭露的攻擊:攻擊者塞一封假的錯誤報告,你的 AI coding agent 把它讀成指令、用你的權限跑了攻擊者的 code。最麻煩的是,你在系統提示裡叫 agent 別理它也擋不住,資安監控也完全看不出異常。

2026-07-06 · 6 min read · 2630 words · KbWen · ZH