On June 30, Adversa AI researcher Omer Ben Simon published GuardFall — a class of shell injection bypasses that defeats the command guards in 10 of 11 popular open-source AI coding agents. The affected tools collectively hold roughly 548,000 GitHub stars. The fix is a two-day engineering task. Two weeks later, most teams haven’t shipped it. The vulnerability is structural, not cosmetic. Most agents guard against dangerous commands by checking raw command text — regex patterns, string matching. But bash rewrites commands before it executes them. The guard and the shell end up looking at two different things. That gap […]
The post