LLMs + Coding Agents = Security Nightmare - Marcus on AI
The article highlights novel prompt injection techniques, such as ASCII Smuggling and hidden instructions in public code repositories, designed to be imperceptible to human developers but interpretable by LLM-powered coding agents. These methods exploit the agents' access to external data to achieve Remote Code Execution (RCE) on developer systems, a risk that is especially concerning when agents operate in unconfirmed execution modes such as 'Auto-Run'.
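One defensive check that follows from the summary above is to scan repository text for code points a human reviewer cannot see but a model will still read. The scanner below is an added example, not code from the article or from Marcus on AI; it flags characters from the Unicode Tags block (U+E0000 to U+E007F, the block used for ASCII smuggling) together with common zero-width and bidi-control characters, and decodes each tag-block run into the ASCII it mirrors so the reviewer can see what the agent would have read. The sample input is constructed for the example.

```python
"""Flag invisible Unicode in source or documentation text (added example).

Two classes of code point are reported:
  * Unicode Tags block (U+E0000-U+E007F): U+E0020..U+E007E mirror printable
    ASCII and are decoded back so the hidden text is visible to a reviewer.
  * Zero-width / bidi-control characters: reported individually; these can
    also hide or reorder text and deserve a look in code or README files.
"""
import unicodedata
from dataclasses import dataclass

TAG_BLOCK = range(0xE0000, 0xE0080)

# Baseline set of invisible or direction-control code points; chosen for
# this example and not exhaustive.
SUSPECT_INVISIBLES = {
    0x00AD, 0x034F, 0x061C, 0x180E,
    0x200B, 0x200C, 0x200D, 0x2060, 0x2061, 0x2062, 0x2063, 0x2064,
    0x202A, 0x202B, 0x202C, 0x202D, 0x202E,
    0x2066, 0x2067, 0x2068, 0x2069, 0xFEFF,
}


@dataclass
class Finding:
    line: int      # 1-based line number
    col: int       # 0-based index of the first flagged code point
    kind: str      # "tag-block" or "invisible"
    length: int    # number of code points in the run
    decoded: str   # ASCII mirrored by a tag-block run; "" otherwise


def decode_tag_run(run: str) -> str:
    """Map U+E0020..U+E007E back to the ASCII they shadow; drop other tags."""
    return "".join(chr(ord(c) - 0xE0000) for c in run if 0xE0020 <= ord(c) <= 0xE007E)


def scan_text(text: str) -> list[Finding]:
    """Return one Finding per tag-block run and per invisible code point."""
    findings: list[Finding] = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        i = 0
        while i < len(line):
            cp = ord(line[i])
            if cp in TAG_BLOCK:
                j = i
                while j < len(line) and ord(line[j]) in TAG_BLOCK:
                    j += 1
                findings.append(Finding(lineno, i, "tag-block", j - i, decode_tag_run(line[i:j])))
                i = j
            elif cp in SUSPECT_INVISIBLES:
                findings.append(Finding(lineno, i, "invisible", 1, ""))
                i += 1
            else:
                i += 1
    return findings


def describe(finding: Finding, text: str) -> str:
    """Human-readable report line for a single finding."""
    if finding.kind == "tag-block":
        return (f"line {finding.line}, col {finding.col}: {finding.length} Unicode Tag "
                f"code points decode to {finding.decoded!r}")
    ch = text.splitlines()[finding.line - 1][finding.col]
    name = unicodedata.name(ch, "<unnamed>")
    return f"line {finding.line}, col {finding.col}: U+{ord(ch):04X} {name}"


# Constructed sample: line 2 carries the tag-encoded word "hidden" after the
# visible sentence; line 3 contains a zero-width space inside "docs".
SAMPLE = (
    "# Build instructions\n"
    "Run `make` to build.\U000E0068\U000E0069\U000E0064\U000E0064\U000E0065\U000E006E\n"
    "See docs\u200b for details.\n"
)

if __name__ == "__main__":
    for f in scan_text(SAMPLE):
        print(describe(f, SAMPLE))
```

Run on the sample it reports the tag run on line 2 as decoding to 'hidden' and the zero-width space on line 3; in practice the same `scan_text` would be applied to every file an agent is allowed to read (READMEs, issue text, dependency sources) before the agent sees it, and any finding should block an auto-run step until a person has looked.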
Source: Original Report