← Back to brief
Policy SafetyOfficialAI Now Institute

Friendly Fire: Hijacking Defensive Cyber AI Agents for Remote Code Execution

Jul 12, 2026

The AI Now Institute has revealed a proof-of-concept exploit that enables remote code execution in Anthropic's Claude Code CLI and OpenAI's Codex CLI when these tools are used to assess the security of third-party or open-source libraries. The attack works with default, out-of-the-box configurations of these AI coding agents.

Why it matters: This exploit highlights a significant security risk, showing that AI coding agents intended for defensive cybersecurity can be manipulated to compromise their users.

Full story at: AI Now Institute