1. Researchers Expose How CLI-Anything Transforms Open-Source Repos Into AI Agent Backdoors Undetected by Supply-Chain Scanners
A research team at the University of Hong Kong's Data Intelligence Lab has inadvertently demonstrated a systemic vulnerability in AI coding agent ecosystems. Their tool, CLI-Anything, generates structured command-line interfaces that allow AI agents to operate repositories with a single command—supporting Claude Code, ...