BREAKING
GuardFall Bypasses AI Agent Guards
0
/11
agents bypassed
0
combined GitHub stars
0
agent defended
Guard Sees r''m, Bash Runs rm
Raw Regex vs Tokenized Eval
Failed Tools (raw regex)
● Inspect raw strings only
● Ignore Bash expansion
● Hermes, Goose, Cline, Aider and more
Continue (defended)
● Tokenizes and normalizes
● Evaluates real command
● Held in default IDE mode
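The contrast above between a raw-regex guard and a tokenizing guard, as an added example that is not code from any of the agents named here. The deny rule, function names and sample commands are constructed for illustration; Python's shlex models only quote removal, so any token with an expansion it cannot evaluate is refused.

```python
import os
import re
import shlex

# Constructed deny rule standing in for an agent's dangerous-command check.
BLOCKED = {"rm"}
RAW_DENY = re.compile(r"\brm\b")
OPERATORS = set("();<>|&")   # shlex punctuation_chars: command separators
UNRESOLVED = set("$`")       # expansions this tokenizer cannot evaluate

def raw_regex_guard(command: str) -> bool:
    """Weak form: allow unless the pattern matches the raw string."""
    return RAW_DENY.search(command) is None

def tokenized_guard(command: str) -> bool:
    """Hardened form: decide on the words Bash sees after quote removal."""
    lexer = shlex.shlex(command, posix=True, punctuation_chars=True)
    lexer.whitespace_split = True
    lexer.commenters = ""    # do not let '#' hide the rest of the line
    try:
        tokens = list(lexer)
    except ValueError:
        return False         # unbalanced quotes: fail closed
    at_command_start = True
    for tok in tokens:
        if tok and set(tok) <= OPERATORS:
            at_command_start = True   # next word starts a new command
            continue
        if UNRESOLVED & set(tok):
            return False     # cannot know what Bash will run: refuse
        if at_command_start and os.path.basename(tok) in BLOCKED:
            return False
        at_command_start = False
    return True

if __name__ == "__main__":
    for cmd in ("rm -rf build", "r''m -rf build", "ls -la src"):
        print(f"{cmd!r}: raw={raw_regex_guard(cmd)} tokenized={tokenized_guard(cmd)}")
```

Both functions return True when the command is allowed; the second sample is the r''m form from the heading above.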
Probe Leakage Rates Were High
opencode 16/16
Goose 22/23
Sandbox and Scope the Shell
AI NEWS BLITZ
Adversa AI reveals a Bash trick that slips dangerous commands past AI coding agents.