Agentjacking Attack Tricks AI Coding Agents Into Running Malicious Code

Michael Miller · 2026-06-12

Cybersecurity researchers have uncovered a new class of attack that can trick AI coding agents into running malicious code on developer machines. Dubbed Agentjacking by Tenet Security, this exploit uses a fake error report crafted with Sentry, an open-source error-tracking and performance-monitoring platform, to deliver the payload. ### How Agentjacking Works The attack starts when a developer uses an AI coding agent, like GitHub Copilot or similar tools, to help write or debug code. The attacker creates a seemingly legitimate error report via Sentry, which the AI agent processes. Because AI agents are trained to follow instructions from error reports, they can be tricked into executing arbitrary commands, including downloading and running malware. ### Why This Matters for Developers For developers in the United States, this is a serious wake-up call. AI coding agents are becoming more common in workflows, from small startups to large enterprises. The attack doesn't require sophisticated hacking skills—it exploits the trust we put in AI tools. Imagine your AI assistant suddenly installing a keylogger or ransomware on your machine. That's the risk here. ### Key Takeaways - AI coding agents are vulnerable to social engineering through error reports. - Sentry is used as a vector, but similar platforms could be exploited. - Developers should verify any error report before letting AI agents act on it. ### Protecting Yourself To stay safe, follow these steps: - Disable automatic execution of code from error reports. - Use sandboxed environments for AI coding agents. - Keep your AI tools updated with the latest security patches. ### The Bigger Picture This attack highlights a growing trend: AI systems are being targeted in creative ways. As AI agents become more autonomous, the attack surface expands. For now, the best defense is skepticism. Treat every error report as potentially malicious until proven otherwise. In summary, Agentjacking is a reminder that AI tools are powerful but not invulnerable. Stay vigilant, and don't let convenience compromise your security.