
Researchers Reveal IBM’s AI Agent Bob Fell Victim to Malware Deception

IBM's AI agent Bob easily duped to run malware: Researchers • The Register

IBM’s AI coding agent, Bob, aims to assist developers while understanding intent, repositories, and security standards. However, security evaluations by PromptArmor reveal alarming vulnerabilities in both Bob’s command line interface (CLI) and integrated development environment (IDE). Bob can be manipulated into executing malware via prompt injection attacks, raising significant security concerns. IBM recommends precautions such as using allow lists and avoiding wildcard characters, yet researchers found that Bob’s safeguards are inadequate, leading to unauthorized command execution.

The findings indicate that users could inadvertently authorize harmful actions, such as installing malware, due to a false sense of security from allow-listed commands. Additionally, Bob’s IDE is prone to zero-click data exfiltration attacks, posing risks of credential theft and ransomware deployment. As AI agents like Bob become commonplace, the need for robust security measures is increasingly evident. IBM has been informed about these issues but has not yet responded.
