{"slug": "mozilla-warns-of-indirect-prompt-injection-risk-in-ai-coding-agents", "title": "Mozilla warns of indirect prompt injection risk in AI coding agents", "summary": "Mozilla's Zero Day Investigative Network (0DIN) warned that a malicious GitHub repository can compromise a developer's machine via indirect prompt injection targeting AI coding agents like Claude Code, without containing any malicious code. The attack manipulates the AI agent into taking unauthorized harmful actions by presenting normal-looking setup instructions.", "body_md": "A malicious GitHub repository can silently compromise a developer’s machine without containing a single line of malicious code, security researchers at Mozilla’s Zero Day Investigative Network (0DIN) warned. The attack The proof-of-concept attack targets AI-powered coding agents such as Claude Code, and uses indirect prompt injection to manipulate an AI agent into taking harmful actions the developer never explicitly authorized. The attack chain is as follows: The malicious repository presents normal-looking setup instructions in the … [More ](https://www.helpnetsecurity.com/2026/06/29/mozilla-warns-of-indirect-prompt-injection-risk-in-ai-coding-agents/)\n\nThe post [Mozilla warns of indirect prompt injection risk in AI coding agents](https://www.helpnetsecurity.com/2026/06/29/mozilla-warns-of-indirect-prompt-injection-risk-in-ai-coding-agents/) appeared first on [Help Net Security](https://www.helpnetsecurity.com).", "url": "https://wpnews.pro/news/mozilla-warns-of-indirect-prompt-injection-risk-in-ai-coding-agents", "canonical_source": "https://www.helpnetsecurity.com/2026/06/29/mozilla-warns-of-indirect-prompt-injection-risk-in-ai-coding-agents/", "published_at": "2026-06-29 10:48:12+00:00", "updated_at": "2026-06-29 12:44:15.636474+00:00", "lang": "en", "topics": ["ai-safety", "ai-agents", "large-language-models", "ai-research"], "entities": ["Mozilla", "Zero Day Investigative Network", "0DIN", "GitHub", "Claude Code"], "alternates": {"html": "https://wpnews.pro/news/mozilla-warns-of-indirect-prompt-injection-risk-in-ai-coding-agents", "markdown": "https://wpnews.pro/news/mozilla-warns-of-indirect-prompt-injection-risk-in-ai-coding-agents.md", "text": "https://wpnews.pro/news/mozilla-warns-of-indirect-prompt-injection-risk-in-ai-coding-agents.txt", "jsonld": "https://wpnews.pro/news/mozilla-warns-of-indirect-prompt-injection-risk-in-ai-coding-agents.jsonld"}}