
The Hidden Security Risks of AI Coding Agents
From The AI Native Dev - from Copilot today to AI Native Software Development tomorrow by Tessl
May 19, 2026 · 42 min · Season 1 · Episode 106
About this episode
The episode discusses the security risks associated with AI coding agents and the novel threats they introduce.
Your AI coding agent has access to your secrets, pulls in content from the outside world, and can run shell commands. According to Joe Holdcroft, that combination makes you one prompt injection away from a very bad time. The tools haven't changed the fundamentals of security — they've just made every existing risk move faster, and introduced a few genuinely new ones. What we cover: Why the "lethal trifecta" of agent capabilities creates a novel threat surfaceHow text and markdown files have b...
People in this episode
Host: Tessl
Guest: Joe Holdcroft
Topics covered
- AI coding agents
- security risks
- prompt injection
- threat surface
- agent capabilities
Keywords
- AI
- coding agents
- security
- prompt injection
- threats
More episodes of The AI Native Dev - from Copilot today to AI Native Software Development tomorrow
- Ryan Lopopolo: OpenAI's Framework for Shipping Code at 70 PRs/Week · June 9, 2026 · 56 min
- Why Developers Hit a Wall at 4 AI Agents · June 2, 2026 · 48 min
- Don't Secure the Code. Secure the Coder. · May 26, 2026 · 41 min
- "AI Doesn't Stand for Artificial Intelligence" — Venkat Subramaniam's Take Will Change How You Think About It · May 12, 2026 · 53 min
- The Creator of Spring Thinks You Can't Code Serious Software With AI · May 5, 2026 · 57 min
- What OpenAI, Stripe & ElevenLabs Devs Do Differently Now | AI Native Dev · April 28, 2026 · 1h 6m
Explore listener stats, chart rankings, contacts and more on the The AI Native Dev - from Copilot today to AI Native Software Development tomorrow podcast page.