🟠 High  |  Source: The Register — Security
A vulnerability in Amazon Q, AWS’s AI coding assistant, allowed malicious Git repositories to execute arbitrary code and steal cloud credentials on a developer’s machine. Attackers could craft a booby-trapped repository that, when opened with Amazon Q, would trigger commands from project configuration files without explicit user consent. Researchers highlight this as a broader pattern affecting many AI coding assistants that blindly execute instructions from project-level config files.

Security Architect’s Take: Audit which AI coding assistants your engineering teams use and review their policies around executing project-level configuration files — restrict or disable automatic command execution from untrusted repositories. Treat AI assistant integrations as a new supply-chain attack surface and ensure developer workstations follow least-privilege principles for cloud credential access.

Original advisory: Amazon Q flaw let booby-trapped Git repos execute code, swipe cloud creds