Open source project contains hidden instruction for "AI" agents: delete my code
osnews.comNone of the people in this story come across well, including the auhor
"The reasonable man adapts himself to the world: the unreasonable one persists in trying to adapt the world to himself. Therefore all progress depends on the unreasonable man." - George Bernard Shaw
Not 100% apt, but close enough.
This is the supply chain problem climbing up a layer. We spent a decade learning not to pipe random scripts into a shell, and now agents will happily read a repo's files as instructions. Better detection of malicious comments will not fix it. An agent reading a file should never treat the contents as commands, the same lesson SQL injection taught, relearned for LLMs.