Google patched a critical remote code execution vulnerability in its agentic IDE Antigravity, discovered by Pillar Security researchers. The flaw stems from insufficient input sanitization in the find_by_name tool's Pattern parameter, allowing attackers to inject command-line flags into the underlying fd utility. Crucially, the exploit fires before Secure Mode restrictions are evaluated, enabling full sandbox escape and arbitrary code execution without additional user interaction. The fix was acknowledged and deployed in February after responsible disclosure in January. Experts note this is a broader IDE challenge — not unique to AI tools — since any environment that reads, writes, or executes commands faces inherent sandboxing difficulties, compounded further by LLM integration.
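The flag-injection class described above, shown from the defender's side as an added example; it is not code from Antigravity, Pillar Security or the article. The function names and the sample pattern are hypothetical, and how Antigravity actually builds its fd command line is an assumption, since the page does not show it.

```python
import os
import subprocess

def build_fd_argv_unsafe(pattern, search_dir):
    # 'Before' shape (assumed): the pattern sits where fd still parses
    # options, so a value beginning with '-' is read as a flag.
    return ["fd", pattern, search_dir]

def build_fd_argv_safe(pattern, search_dir):
    # Validate before anything is dispatched to the OS.
    if not isinstance(pattern, str) or not pattern or "\x00" in pattern:
        raise ValueError("pattern must be a non-empty string without NUL")
    # An absolute path can never begin with '-'.
    root = os.path.abspath(search_dir)
    # "--" ends option parsing: everything after it is positional.
    return ["fd", "--", pattern, root]

def parsed_as_options(argv):
    # Arguments a conventional CLI parser would treat as flags.
    opts = []
    for arg in argv[1:]:
        if arg == "--":
            break
        if arg.startswith("-") and arg != "-":
            opts.append(arg)
    return opts

def find_by_name(pattern, search_dir):
    # List argv with the default shell=False: no shell re-parsing either.
    argv = build_fd_argv_safe(pattern, search_dir)
    return subprocess.run(argv, capture_output=True, text=True, check=False)

# Constructed sample input, not a real fd option.
SAMPLE = "--constructed-flag=value"

if __name__ == "__main__":
    print(parsed_as_options(build_fd_argv_unsafe(SAMPLE, ".")))
    print(parsed_as_options(build_fd_argv_safe(SAMPLE, ".")))
```

Because the page reports that the injected flag took effect before Secure Mode restrictions were evaluated, the check here lives in the argv builder itself, not in a later policy layer.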

From darkreading.com