Config File Auto-Execution Creates Supply Chain Security Blindspot Across IDEs and Package Managers
By @safedepio
Summary
This article exposes a critical supply chain security blindspot where ordinary-looking configuration files in code repositories can automatically execute attacker commands. It details how VS Code, Cursor, Claude Code, Gemini CLI, npm, Composer, and Bundler all support config files that can carry shell commands, running them when a folder is opened, dependencies install, or tests run. The article references the Miasma worm, which wired a dropper into seven different config file types across these tools, demonstrating that simply cloning and opening a repository is no longer safe. The piece calls attention to the gap between developer trust in config files and the real security risks they pose.
Key quotes
Cloning a repository and opening it in an editor can run an attacker's code before a developer reads a single line.
The trigger is not a malicious dependency or a hidden install script. It is an ordinary-looking config file already sitting in the repo.
VS Code, Cursor, Claude Code, Gemini CLI, npm, Composer, and Bundler all support config files that can carry a shell command.
The Miasma worm wired one dropper into seven of them across Claude Code, Gemini, Cursor, VS Code, npm, Composer, and Bundler.
Opening a cloned repo is no longer safe.