#supply-chain
3 items tagged #supply-chain.
3 items tagged #supply-chain.
A concrete checklist for the May 2026 failure modes: pin skills and MCP servers, SBOM the agent's dependencies, require auth on MCP, and review config files as code.
Researchers disclosed a cluster of vulnerabilities in AI coding agents in May 2026: prompt-injection-to-RCE in CrewAI, an unauthenticated Azure SRE Agent endpoint, a poisoned AGENTS.md chain against Codex, and over a thousand malicious skills.