A developer named Mickey Shmueli published a proof-of-concept demonstrating that Context Hub, Andrew Ng's AI tool for providing coding agents with up-to-date API documentation, is vulnerable to supply chain attacks. The tool allows contributors to submit docs via GitHub pull requests with no content sanitization, meaning poisoned documents containing fake dependencies could silently compromise developer projects. Testing showed Claude Haiku wrote fake packages into requirements.txt in 100% of runs without flagging the change in its output. Security experts warn this reflects a broader risk: AI coding agents consuming non-authoritative or tampered information sources can propagate malicious content at scale, especially as vibe coders move fast without validating dependencies.
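As an added example (not from the proof-of-concept or from Context Hub), a small CI-style check a defender can run over requirements.txt before anything is installed: it parses the file, normalizes names, and reports every dependency that is not on the project's own allow-list, naming the closest approved package when the entry looks like a typosquat. The sample file, the allow-list and the package names below are constructed.

```python
import re
import difflib

# Constructed sample: a requirements.txt as a coding agent might leave it after
# consuming a poisoned documentation snippet. "placeholder-agent-added-pkg" is a
# made-up name standing in for an unapproved dependency.
SAMPLE_REQUIREMENTS = """\
# project deps
requests>=2.31
fastapi[all]==0.110.0 ; python_version >= "3.9"
-r dev-requirements.txt
placeholder-agent-added-pkg   # silently added, not on the allow-list
Reqests==2.31.0
"""

# Constructed allow-list: the dependencies this (hypothetical) project has vetted.
APPROVED = {"requests", "fastapi", "pydantic", "uvicorn"}

def normalize(name):
    """PEP 503 normalization: case-insensitive, runs of '-', '_' and '.' collapse to '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()

def parse_requirements(text):
    """Return the normalized distribution names declared in a requirements file.

    Strips comments and blank lines, ignores option lines such as '-r' or
    '--index-url', and drops extras, version specifiers and environment markers.
    """
    names = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or line.startswith("-"):
            continue
        m = re.match(r"([A-Za-z0-9][A-Za-z0-9._-]*)", line)
        if m:
            names.append(normalize(m.group(1)))
    return names

def unapproved_dependencies(text, approved):
    """Map each dependency missing from the allow-list to the closest approved
    name (a possible typosquat), or to None when nothing approved is similar."""
    allowed = {normalize(n) for n in approved}
    findings = {}
    for name in parse_requirements(text):
        if name in allowed:
            continue
        close = difflib.get_close_matches(name, allowed, n=1, cutoff=0.8)
        findings[name] = close[0] if close else None
    return findings

if __name__ == "__main__":
    for pkg, near in unapproved_dependencies(SAMPLE_REQUIREMENTS, APPROVED).items():
        hint = f" (close to approved '{near}')" if near else ""
        print(f"UNAPPROVED: {pkg}{hint}")
```

A non-empty result should fail the pipeline step, so a dependency an agent slipped in has to be reviewed by a human before it is ever resolved from an index.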