Skip to content

Open source maintainers targeted by AI agents

We have human attackers trying to get in our repos, now we also have non-human ones. Every skill, MCP, and permission can get you compromised.

We have human attackers trying to get in our repos, now we also have non-human ones to worry about. Remember:

  • every skill you use
  • every MCP you connect to
  • every permission you grant

...can all get you compromised, if malicious. Always check, verify and err on the side of caution. Vibe-security will only bring you bad-vibes.

Olivier Reuland