Vibe Check: Security Failures in AI-Assisted IDEs

Piotr Ryciak

[un]prompted 2026 — AI Security Practitioner Conference · Day 1 · 1

Mindgard's AI red team discovered 37 vulnerabilities across more than 15 AI-assisted IDE vendors, including Google Gemini CLI, OpenAI Codex, and Amazon Q. The attack patterns fall into four categories — zero-click, one-click, autorun, and time-delayed — and many succeed even when built-in workspace trust models are enabled. The answer, just as it was for the browser wars, is sandboxing, not better warning dialogs.

AI review

37 vulnerabilities across 15+ vendors, four attack categories with working demos, and the browser wars analogy that should reshape how the industry thinks about AI IDE security. Ryciak and Mindgard did the work — the Gemini CLI trust-dialog-fires-too-late demo alone is worth the price of admission.
