Jqwik 1.10.0 ships a hidden prompt injection telling AI agents to delete code
The jqwik team has released version 1.10.0, which includes a controversial message that instructs AI agents to delete jqwik tests and code. This message appears in CI logs, raising concerns about its potential implications and lack of documentation. Users are seeking clarification on the intent behind this feature and suggesting improvements for transparency.
- ▪Version 1.10.0 of jqwik includes a hidden message instructing AI agents to delete tests and code.
- ▪The message is visible in CI logs, which has raised concerns about supply-chain security.
- ▪Users are requesting better documentation and options to control the visibility of this message.
Opening excerpt (first ~120 words) tap to expand
jqwik-team / jqwik Public Notifications You must be signed in to change notification settings Fork 66 Star 659 Code Issues 45 Pull requests 5 Actions Security and quality 0 Insights Additional navigation options Code Issues Pull requests Actions Security and quality Insights {"payload":{"preloaded_records":{},"structured_data":{"@context":"https://schema.org","@type":"DiscussionForumPosting","headline":"Question: intent of JqwikExecutor.printMessageForCodingAgents() — visible to agents, invisible to humans (1.10.0)","articleBody":"Hello jqwik team,\n\nWhile running our test suite under `mvn test` in 1.10.0, we observed a string appearing between Surefire's test summary and the `[INFO] Results:` header that gave us pause:\n\n```\n[INFO] Tests run: 1, Failures: 0, Errors: 0, Skipped: 0,…
Excerpt limited to ~120 words for fair-use compliance. The full article is at GitHub.