Researchers cause GitLab AI developer assistant to turn safe code malicious

arstechnica.comPublished: 5/23/2025

Summary

The article highlights how AI-assisted developer tools like GitLab Duo are often marketed as reliable workhorses, yet they can be easily manipulated by malicious actors to perform hostile actions. Researchers from Legit demonstrated an attack where Duo was tricked into inserting malicious code through prompt injection, a common technique that embeds hidden instructions in project content. This vulnerability underscores the double-edged nature of AI assistants, showing how even tools meant to enhance productivity can unintentionally compromise user data and workflows.