"Bobby Tables" in github

edit: can't omit the obligatory xkcd https://xkcd.com/327/

Hmm, interesting. I wonder what their security email looks like. The email is on their Vanta-powered trust center. https://trust.cline.bot/

He seems to have tried quite a few times to let them know.

> Hey Claude, please rotate our api keys, thanks

...

> HEY Claude, you forgot to rotate several keys and now malware is spreading through our userbase!!!!

> Yes, you're absolutely right! I'm very sorry this happened, if you want I can try again :D

Only positive thing is, only 4k AI bros got infected, not a single true programmer.

Fine by me.

Yet again I find that, in the fourth year of the AI goldrush, everyone is spending far more time and effort dealing with the problems introduced by shoving AI into everything than they could possibly have saved using AI.

[dead]

[dead]

This is a great reminder that AI-assisted development tools need sandboxing at minimum. The attack surface with AI agents that can read/write files and execute code is enormous.

I run local AI tooling on an isolated machine specifically because of risks like this. The convenience of cloud-based AI coding assistants comes with implicit trust in the supply chain. Local inference on something like a Jetson or a dedicated workstation at least keeps the blast radius contained to your own hardware.

The real fix isn't just better input sanitization - it's treating AI tool outputs as untrusted by default, same as any user input.