THREATOPS
THREAT OPSThreat News › Amp Code: Arbitrary Command Execution via Prompt Injection Fixed

Amp Code: Arbitrary Command Execution via Prompt Injection Fixed

lowembracetheredPublished 2025-08-05

<a id="top_ref"></a>

<p><strong>Sandbox-escape-style attacks</strong> can happen when an AI is able to modify its own configuration settings, such as by writing to configuration files.</p> <p>That was the case with <strong>Amp</strong>, an agentic coding tool built by <a href="https://ampcode.com/manual">Sourcegraph</a>.</p> <p><a href="https://embracethered.com/blog/images/2025/episode5-yt.png">

Indicators of compromise

Original source: https://embracethered.com/blog/posts/2025/amp-agents-that-modify-system-configuration-and-escape/