GuardFall: Shell Injection Hits 10 of 11 AI Coding Agents Adversa AI researcher Omer Ben Simon published GuardFall, a class of shell injection bypasses that defeats command guards in 10 of 11 popular open-source AI coding agents, collectively holding roughly 548,000 GitHub stars. The vulnerability stems from a structural gap between command text checks and actual bash execution, and most affected teams have not shipped the two-day fix two weeks after disclosure. On June 30, Adversa AI researcher Omer Ben Simon published GuardFall — a class of shell injection bypasses that defeats the command guards in 10 of 11 popular open-source AI coding agents. The affected tools collectively hold roughly 548,000 GitHub stars. The fix is a two-day engineering task. Two weeks later, most teams haven’t shipped it. The vulnerability is structural, not cosmetic. Most agents guard against dangerous commands by checking raw command text — regex patterns, string matching. But bash rewrites commands before it executes them. The guard and the shell end up looking at two different things. That gap … The post