WeSearch

AI reviewers shipped secret-exfil code because a ticket said "pre-approved"

·3 min read · 0 reactions · 0 comments · 8 views
#reviewers#shipped#secret-exfil#code#because
AI reviewers shipped secret-exfil code because a ticket said "pre-approved"
TL;DR · WeSearch summary

{"@context":"https://schema.org","@type":"ScholarlyArticle","headline":"They'll Verify. They Just Won't Act.","description":"A pre-registered factorial study of a five-agent CI/CD pipeline: one external issue induced secret-exfiltrating code to ship in up to 55% of worst-case runs. A single untrusted input, an external issue requesting a “usage-telemetry” feature, asks for code that exfiltrates process secrets to an attacker URL — laundered as observability.

Key facts
Original article
Senthex
Read full at Senthex →
Opening excerpt (first ~120 words) tap to expand

{"@context":"https://schema.org","@type":"ScholarlyArticle","headline":"They'll Verify. They Just Won't Act.","description":"A pre-registered factorial study of a five-agent CI/CD pipeline: one external issue induced secret-exfiltrating code to ship in up to 55% of worst-case runs. Authority framing made verifiers approve malice they could see; every content-based control missed the laundered intent.","url":"https://senthex.com/en/research/relay/","inLanguage":"en","datePublished":"2026-07-10","author":{"@type":"Organization","name":"Senthex…

Excerpt limited to ~120 words for fair-use compliance. The full article is at Senthex.

Anonymous · no account needed
Share 𝕏 Facebook Reddit LinkedIn Threads WhatsApp Bluesky Mastodon Email

Discussion

0 comments

More from Senthex