Federal Reserve (FED) · GitHub · Ars Technica
Fed up with vibe coders, dev sneaks data-nuking prompt injection into their code
Compiled by KHAO Editorial — aggregated from 1 source. See llms.txt for citation guidance.
◌ Single Source
The controversy over vibe coding reached a new high this week after a developer added hidden instructions to his open source Java testing app to sabotage projects performed by AI coding agents.
Key facts
- On Monday, jqwik developer Johannes Link published version 1.10.0
- In response, Link updated the 1.10.0 release notes to disclose the verbatim prompt injection in its entirety
- To not disturb the reading experience for human readers this line is then removed from terminal emulators by adding the following escape sequence: \u001B[2K\u001B[2K
- The instructions were added to jqwik, a test engine for JUnit 5, a platform for testing Java virtual machine frameworks
Summary
The instructions were added to jqwik, a test engine for JUnit 5, a platform for testing Java virtual machine frameworks. The addition was a prompt injection, a form of AI attack that exploits an LLM’s inability to distinguish between legitimate user prompts and those from unauthorized, potentially malicious third parties. The undocumented changes also included code to conceal the instruction and its results by adding ANSI escapes that erased the PI when human reviewers use the TTY command to monitor activity on interactive terminals. On Wednesday, Ramon Batllet, a Java developer who used jqwik, spotted the prompt injection and took to GitHub to discuss it with Link.