
"By injecting the -X (exec-batch) flag through the Pattern parameter [in the find_by_name tool], an attacker can force fd to execute arbitrary binaries against workspace files."
"Combined with Antigravity's ability to create files as a permitted action, this enables a full attack chain: stage a malicious script, then trigger it through a seemingly legitimate search, all without additional user interaction once the prompt injection lands."
"The critical flag here is -X (exec-batch). When passed to fd, this flag executes a specified binary against each matched file."
Researchers identified a vulnerability in Google's Antigravity IDE that could be exploited for code execution. The flaw involved insufficient input sanitization in the find_by_name tool, allowing attackers to bypass security configurations. By injecting the -X (exec-batch) flag, an attacker could execute arbitrary binaries against workspace files. The root cause was that the find_by_name tool executed before security constraints were enforced, so crafted input in the Pattern parameter could trigger the execution of malicious commands.
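The argument-injection pattern described above, shown next to a hardened form, as an added example that is not Antigravity's code. The function names, the argv layout, and the `/workspace` path are assumptions made for illustration; the block only builds argument lists and never runs fd.

```python
# Added illustration: how a Pattern value reaches fd's option parser, and
# one way to stop it. All names and the argv layout are assumptions.

FD_BINARY = "fd"  # assumed name of the fd executable


class PatternRejected(ValueError):
    """Raised when a Pattern value could be parsed by fd as an option."""


def build_argv_unsafe(pattern: str, search_dir: str) -> list[str]:
    # The pattern sits where fd still parses options, so a value starting
    # with "-" is read as a flag (for example -X) instead of a pattern.
    return [FD_BINARY, pattern, search_dir]


def validate_pattern(pattern: str) -> str:
    # Runs before any argv is built, i.e. before the tool executes.
    if not pattern or "\x00" in pattern:
        raise PatternRejected("empty pattern or NUL byte")
    # Conservative: also rejects legitimate names that begin with "-".
    if pattern.lstrip().startswith("-"):
        raise PatternRejected("pattern must not begin with '-'")
    return pattern


def build_argv_safe(pattern: str, search_dir: str) -> list[str]:
    pattern = validate_pattern(pattern)
    # "--" ends option parsing: everything after it is positional, so the
    # pattern cannot become a flag even if validation were relaxed.
    return [FD_BINARY, "--", pattern, search_dir]


def option_like_args(argv: list[str]) -> list[str]:
    """Return the argv entries an option parser would treat as flags."""
    flags = []
    for arg in argv[1:]:
        if arg == "--":
            break
        if arg.startswith("-"):
            flags.append(arg)
    return flags


if __name__ == "__main__":
    # Constructed sample inputs.
    print(option_like_args(build_argv_unsafe("-X", "/workspace")))
    print(build_argv_safe("*.py", "/workspace"))
```

`option_like_args` can double as a pre-execution check or a log-review helper: any flag it reports in a tool call that was supposed to carry only a search pattern is worth flagging.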
Read at The Hacker News