1. Security Fix Bypassed: ai-engineering Deploys Command Injection Vulnerability via Unpatched Template
A security patch addressing a command injection flaw was applied to ai-engineering's internal development hooks but was not propagated to the project's deployable template, creating a supply-chain risk for any new installations. Commit 62ef08fc, part of an autonomous backlog run, fixed the vulnerability in the live hoo...