GhostApproval flaw exposes AI coding assistants' risks
π‘οΈ A Wiz report details "GhostApproval," a vulnerability pattern in six AI coding assistants that lets malicious repos use symlinks to escape sandboxes and trick human approvers into authorizing writes outside the workspace. Vendors including AWS, Cursor and Google patched quickly; others acknowledged or had already fixed the issue. Analysts warn this reflects a category-wide design problem where human-in-the-loop prompts can be misleading and enterprises must treat these tools as privileged software and enforce stronger controls.
