AI Coding Agents Vulnerable to Supply-Chain Attacks via Setup Documentation
Jul 17, 2026
A new preprint demonstrates that AI coding agents can be compromised by malicious instructions embedded in project setup documentation, such as README files. The study systematically evaluates supply-chain attacks delivered through documentation across multiple ecosystems (npm, Cargo) and agent harness-model combinations, showing that agents often install untrusted or vulnerable dependencies. Security-oriented prompts only partially mitigate these risks, and the effectiveness of defenses varies by harness and model.
Why it matters: This exposes a critical security vulnerability in AI coding agents, where project documentation can be weaponized as an attack vector, threatening software supply chain integrity.
Full story at: arXiv Cryptography and Security ↗