Skip to content
i for one
← All topics

#supply-chain

1 article

5 min read

Your AI Agent Reads Untrusted Code for a Living

A sabotaged jqwik release and a critical Starlette flaw expose one blind spot: coding agents run third-party code under a threat model nobody designed for.

securityai-tooling