Incident · curated 27 Jun 2026
First reported 2 Jun 2026 · 25d ago
Single-source incident — first reported, latest, and curated coincide.
The jqwik 1.10.0 release added a hidden prompt injection targeting AI coding agents, using terminal escape codes to conceal destructive instructions from humans while keeping them readable to logs and tools. This was introduced by the open source maintainer as protestware against agentic coding.
Why it matters
It demonstrates that open source maintainers can weaponize dependencies with concealed prompt injections against AI coding agents, posing a real supply-chain risk to developers using LLM-based tooling.
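One way to check build or test output for the kind of concealment described in the summary, as an added example that is not code from jqwik or from this page. The page does not say which escape codes the release used, so the three mechanisms modelled here (SGR conceal, erase-in-line, carriage-return overwrite) are assumptions, as are the function names and the constructed sample.

```python
import re

# CSI sequence per ECMA-48: ESC [ parameters final-byte. Only CSI is modelled.
CSI = re.compile(r"\x1b\[([0-9;?]*)([@-~])")

def render_line(raw):
    """Return (visible, hidden): what a terminal shows vs. text only tools read."""
    cells, hidden, col, concealed, pos = [], [], 0, False, 0
    while pos < len(raw):
        m = CSI.match(raw, pos)
        if m:
            codes = [p or "0" for p in m.group(1).split(";")]
            if m.group(2) == "m":  # SGR: 8 = conceal, 0 or 28 = reveal
                for c in codes:
                    if c == "8":
                        concealed = True
                    elif c in ("0", "28"):
                        concealed = False
            elif m.group(2) == "K" and codes[0] in ("1", "2"):  # erase in line
                end = len(cells) if codes[0] == "2" else min(col + 1, len(cells))
                hidden += cells[:end]
                cells[:end] = " " * end
            pos = m.end()
            continue
        ch, pos = raw[pos], pos + 1
        if ch == "\r":  # carriage return: later text overwrites the line
            col = 0
        elif ch >= " ":  # other control characters are ignored
            shown = " " if concealed else ch
            if concealed:
                hidden.append(ch)
            if col < len(cells):
                if cells[col] != shown:
                    hidden.append(cells[col])  # character lost to an overwrite
                cells[col] = shown
            else:
                cells.append(shown)
            col += 1
    return "".join(cells).strip(), "".join(hidden).strip()

def find_concealed(output, min_len=8):
    """List (line_no, visible, hidden) for lines hiding at least min_len chars."""
    rendered = [(n, *render_line(l)) for n, l in enumerate(output.split("\n"), 1)]
    return [r for r in rendered if len(r[2]) >= min_len]

# Constructed sample output; the hidden strings are harmless placeholders.
SAMPLE = ("[INFO] Running tests\n"
          "\x1b[8mCONSTRUCTED-HIDDEN-TEXT for agents\x1b[28m[INFO] 12 tests passed\n"
          "CONSTRUCTED-ERASED-TEXT\x1b[2K\r[INFO] BUILD SUCCESS\n"
          "Downloading 50%\rDownloading 100%\n")
```

The `min_len` threshold keeps ordinary progress-bar redraws from being reported. Extended colour parameters such as `38;5;8` are not special-cased and would be read as conceal, so treat findings as leads to review in the raw log.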