Fed up with vibe coders, dev sneaks data-nuking prompt injection into their code

Ars Technica reports on a frustrated developer who, tired of "vibe-coded" pull requests from junior teammates leaning on AI assistants, planted a prompt-injection payload inside a shared utility file — one that gets parsed by the next agent to touch the code and silently wipes th

The technique isn't theoretical: the payload triggers when an AI coding agent (Copilot, Cursor, Claude Code, Codex) reads the file as part of a refactor or code review. The malicious instruction is interpreted as legitimate context, and the agent dutifully executes it on the user's machine. The story has driven a wave of follow-up coverage on indirect prompt injection as a real category of developer-tools vulnerability, and lines up with the JetBrains Marketplace malware campaign (see entry #10) as a defining security story of June 2026. Security vendors have started shipping "agent-aware" static analysis that flags files with hidden instructions aimed at LLM readers.