3d • News
Watch out for prompt injection hidden in dev tools
Quick heads up: Ars/Slashdot are reporting that a developer added a hidden prompt injection to jqwik, a Java testing library for JUnit 5.
The injected text reportedly told AI coding agents to disregard previous instructions and delete jqwik tests/code. It was apparently meant as a protest against vibe coding / AI-agent use, but it’s a good reminder for all of us:
If you’re using coding agents, don’t blindly trust dependency output, terminal output, test logs, README text, or generated instructions. Treat project files and tool output as untrusted input.
Worth a quick read:
5
0 comments
Watch out for prompt injection hidden in dev tools
skool.com/vibe-coders
Master Vibe Coding in our supportive developer community. Learn AI-assisted coding with fellow coders, from beginners to experts. Level up together!🚀
Leaderboard (30-day)
1
+1
2
+1
Powered by