Skip to main content
VibeAudit Liability Index
criticalAI-agent/tool riskFix order 1

AI Coding-Agent Worm Static Indicators

What it is

Static repository evidence matched AI coding-agent worm patterns such as editor/agent auto-run config, secret-dump workflows, or GitHub/npm/cloud credential-harvesting code.

This usually appears when model input, retrieval, or tool calls are added faster than capability boundaries and adversarial tests.

How to fix it

Do not open or run the repository until reviewed. Remove unexpected AI-agent and IDE auto-run files, disable suspicious workflows, inspect commit history, rebuild from a clean checkout, and rotate developer/CI/cloud/npm/GitHub credentials if the repository was opened or workflows ran.

  1. 1Quarantine the repository - do not open it in an agentic editor until reviewed.
  2. 2Remove unexpected agent/IDE auto-run files and suspicious workflows, then rebuild from a clean checkout.
  3. 3Rotate developer, CI, cloud, npm, and GitHub credentials if the repository was opened or workflows ran.

How VibeAudit checks for this

VibeAudit checks this with SAST_LOCAL_STRUCTURAL AI/tool route evidence and AI_CODING_AGENT_STATIC indicators for agent or IDE autorun files when those public or local files are in scope. The free tier may show the surface name and an upgrade prompt, without private evidence or remediation details. Metadata-only surface maps do not create missing-control findings. Unsupported private repositories, authenticated behavior, destructive workflows, account configuration, and business logic remain unverified unless the scan includes matching local, imported, or authorized runtime evidence.

Related failure modes

Check your public launch surface and keep unsupported scope visible.

Run Quick Scan