Google has fixed a significant security flaw in its Antigravity integrated development environment. The issue, identified by researchers, allowed remote code execution. The vulnerability combined a file creation function with poor input sanitization in the search tool. This flaw has already been addressed with an official patch from the company.
Exploitation mechanism via prompt injection 🔓
The breach was located in the IDE's search system. By not properly validating and sanitizing user input, an attacker could inject malicious prompts. These prompts tricked the system into executing commands by leveraging the file creation functionality. In this way, the security restrictions designed into Antigravity were bypassed, achieving arbitrary code execution.
When asking the IDE for something becomes literal 🤖
It seems some users interpreted that the search tool should fulfill any request to the letter. The system, in an excess of zeal to be helpful, ended up obeying instructions it shouldn't have. It's a reminder that sometimes, overly enthusiastic help can open the door to unexpected visitors. Google has had to teach its assistant new boundaries.