A critical security flaw has been identified in Amazon Q, Amazon's AI-powered coding assistant, which could enable attackers to execute malicious code and steal sensitive cloud credentials. The vulnerability centres on how the assistant processes project configuration files within Git repositories, a common practice for software development.
Researchers discovered that a specially crafted Git repository could contain 'booby-trapped' configurations. When Amazon Q, or potentially other AI coding assistants, attempts to analyse or interact with such a repository, these configurations could trick the assistant into executing unauthorised commands. This could grant an attacker access to the developer's system, potentially leading to the compromise of cloud access tokens and other confidential information.
The implications of this flaw extend beyond Amazon Q. Experts are warning that many contemporary AI coding assistants share a similar operational model, often executing commands or scripts defined within project configurations to understand and assist with code. This widespread approach suggests that a significant number of these tools could be susceptible to similar supply chain attacks, where malicious code is injected into the development pipeline.
Such an exploit could have severe consequences for businesses and individual developers. Compromised cloud credentials could grant attackers unfettered access to an organisation's cloud infrastructure, including data storage, applications, and computing resources. This could lead to data breaches, service disruptions, and significant financial and reputational damage.
In light of these findings, developers and organisations are strongly advised to exercise extreme caution when integrating AI coding assistants with untrusted or externally sourced Git repositories. It is crucial to vet the origin and integrity of all code and configuration files before allowing AI tools to process them. This incident underscores the evolving security challenges presented by the increasing adoption of AI in software development workflows.