Hiding evil code in invisible unicode / MR 1435
James Browning
jamesb192 at jamesb192.com
Mon Apr 21 18:59:25 UTC 2025
On Saturday, April 19, 2025 1:14:13 AM Pacific Daylight Time Hal Murray via
devel wrote:
>
> I saw a note recently about AI being susceptable to hiding evil code in
> invisible unicode.
>
> New Vulnerability in GitHub Copilot and Cursor: How Hackers Can Weaponize
> Code Agents
> https://www.pillar.security/blog/new-vulnerability-in-github-copilot-and-> cursor-how-hackers-can-weaponize-code-agents
>
> -----
>
> Is there a package we should be using that checks code for invisible
> unicode?
Running the wrong way with a Google LLM suggestion yields:
```
with open(FILE_NAME, 'r', encoding='utf-8') as fp:
for line in fp:
eline = line.rstrip().encode('unicode-escape').decode('ascii')
print('%c %s' % (' >'[line.isascii(), eline))
```
As for procedural changes I suggest the following:
1. Three person vetting of all automated tool rules updates.
2. Clear tagging of all AI (assisted) documentation and code changes.
3. No blind trust in other peoples configurations.
Also, earlier, I posted the following...
> On Friday, April 4, 2025 12:20:59 PM Pacific Daylight Time Gary E. Miller
> wrote:
> > > EditorConfig works with emacas, vim, and other editors
> >
> > Not on vim. Needs to be enabled on emacs. Dunno about others.
>
> I would not know as I do not use either.
>
> > > indent_style = space
> >
> > I agree, but NTPsec uses tabs.
>
> Mostly tabs; In trying to convert devel/dot.emacs I ran across some lines
> that indicate a conditional indent of four spaces.
>
> > The tidy stuff would be a huge change. That needs to be discussed in
> > devel at .
>
> Oh, look here is a nucleation point for a discussion continued from:
> https://gitlab.com/NTPsec/ntpsec/-/merge_requests/1435
Remember, Don't review late or review never.
More information about the devel
mailing list