Most of the AI-security discourse (and most of my posts) right now is about prompt injection and agent hijacking. But there are still the move-fast-break-things issues that are exacerbated with agentic coding/vibe coding...
I reviewed a colleague's vibe-coded internal tool last week, found 28 security issues, and none of them were that kind of bug - they were the same classic stuff juniors have always shipped, just produced at much higher throughput.
Wrote it up because the "senior engineer review" step quietly disappeared from a lot of AI-assisted workflows, and the bugs that step used to catch are still there (We are still needed!).
Building grith (grith.ai) - a security proxy for AI coding agents enforced at the OS syscall level.
The problem: agents like Claude Code, Codex, and Aider execute file reads, shell commands, and network requests with your full system privileges.
For example, when a malicious README tells the agent to read ~/.ssh/id_rsa and POST it somewhere, nothing in the agent's own trust model catches it. Auto Mode makes this worse - it asks the model to audit its own actions, so a prompt injection that corrupts the reasoning also corrupts the permission layer.
grith wraps any CLI agent with `grith exec -- <agent>`. Every syscall passes through a multi-filter scoring engine before it executes. Deterministic, ~15ms overhead, no LLM reasoning in the permission path. Linux now, macOS/Windows coming. AGPL, open-core.
Two weeks ago a DPRK-linked attacker backdoored axios on npm (400M monthly downloads). The RAT executed 1.1 seconds into npm install. AI agents run npm install autonomously, without human review. If yours ran it during the 3-hour window, you're compromised and nobody told you.
Website Not Allowed “prismml.com” is a restricted website.