| タイトル | Kilo Code Kilo Code VS Code Extension 4.86.0 Insecure Permissions |
|---|
| 説明 | The Kilo Code agent VS Code Extension fails to prevent writes outside of the working directory. This allows for the editing of the `settings.json` file. Through an indirect prompt injection, an attacker can set a user up to have the Kilo Code agent a) modify the settings.json file to whitelist previously unwhitelisted commands b) poison the supply chain via git invocations.
The user falls into this issue when attempting to interact with some untrusted data source, such as a compromised project, or a GitHub issue. |
|---|
| ソース | ⚠️ https://mcpsec.dev/advisories/2025-10-02-kilo-code-ai-agent-supply-chain-attack/ |
|---|
| ユーザー | echarris128 (UID 91221) |
|---|
| 送信 | 2025年10月02日 00:55 (9 月 ago) |
|---|
| モデレーション | 2025年10月07日 15:30 (6 days later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 327382 [Kilo Code 迄 4.86.0 Prompt ClineProvider.ts ClineProvider 特権昇格] |
|---|
| ポイント | 20 |
|---|