AI coding agents are running on your machines — Do you know what they're doing?
Blog post from Sysdig
AI coding agents are increasingly integrated into developer environments and CI/CD pipelines, where they operate with minimal oversight and pose distinct security challenges because they can execute commands, read files, and make network connections. These agents, which include Claude Code, Gemini CLI, and Codex CLI, are structurally vulnerable to prompt injection: they run with broad OS-level permissions and lack robust separation between instructions and data, which makes them susceptible to manipulation. Current runtime security measures fall short because these agents behave more like interactive users than like deterministic programs, so syscall-level observation is needed to detect unauthorized activity. The Sysdig Threat Research Team has developed detection strategies built on behaviors observable at the syscall level, such as unauthorized configuration access and bypasses of the agents' own safety controls, to monitor these agents effectively. As these systems evolve and integrate further into cloud environments, robust security measures become more critical to address their expanding attack surfaces and the complex threat models they introduce.
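The summary's point is that an agent and everything it spawns must be watched at the syscall layer, since a shell the agent launches is the agent acting. The following Python is an added illustration of that approach and is not Sysdig's detection logic or any agent's real behaviour: it attributes child processes to an agent by parent pid, then applies three example rules to a constructed stream of pre-parsed syscall events (credential reads, writes to the agent's own settings file as a proxy for a safety-control bypass, and outbound connections outside an allowlist). The process names, file paths, addresses and event format are all assumptions made for the example.

```python
"""Toy syscall-level monitor for AI coding agent process trees (added example)."""
from dataclasses import dataclass
from fnmatch import fnmatch

# Assumed process names for the agents the post names; real binaries may differ.
AGENT_COMMS = {"claude", "gemini", "codex"}

# Credential files an agent has no business reading (constructed sample list).
SENSITIVE_READ = [
    "/home/*/.ssh/*",
    "/home/*/.aws/credentials",
    "/home/*/.config/gcloud/*",
    "/etc/shadow",
]

# Placeholder for where an agent keeps its own permission settings (assumption).
AGENT_SETTINGS = ["/home/*/.agent/settings.json"]

# Constructed allowlist of destinations the agent is expected to talk to.
ALLOWED_DEST = {"203.0.113.10:443"}


@dataclass(frozen=True)
class Finding:
    rule: str
    pid: int
    comm: str
    detail: str


def _matches(path, patterns):
    return any(fnmatch(path, p) for p in patterns)


def analyze(events):
    """Return findings for agent-attributed processes in an ordered event stream.

    Each event is a dict with pid, ppid, comm, syscall and, depending on the
    syscall, path/flags (openat) or dest (connect).  A pid is attributed to an
    agent if its comm is an agent binary or its parent is already attributed,
    so shells and tools the agent spawns are judged as the agent.
    """
    agent_pids = set()
    findings = []
    for ev in events:
        pid, comm = ev["pid"], ev["comm"]
        if comm in AGENT_COMMS or ev["ppid"] in agent_pids:
            agent_pids.add(pid)
        if pid not in agent_pids:
            continue  # the developer's own processes are not in scope

        sc = ev["syscall"]
        if sc == "openat":
            path, flags = ev["path"], ev.get("flags", "")
            writing = "O_WRONLY" in flags or "O_RDWR" in flags
            if _matches(path, SENSITIVE_READ):
                findings.append(Finding("credential_read", pid, comm, path))
            elif writing and _matches(path, AGENT_SETTINGS):
                findings.append(Finding("settings_write", pid, comm, path))
        elif sc == "connect" and ev["dest"] not in ALLOWED_DEST:
            findings.append(Finding("unexpected_connect", pid, comm, ev["dest"]))
    return findings


# Constructed sample stream: developer shell is pid 10, agent starts as pid 100.
SAMPLE_EVENTS = [
    # developer's own ssh client reads their key: not agent-attributed, benign
    {"pid": 11, "ppid": 10, "comm": "ssh", "syscall": "openat",
     "path": "/home/dev/.ssh/id_ed25519", "flags": "O_RDONLY"},
    {"pid": 100, "ppid": 10, "comm": "claude", "syscall": "execve", "path": "/usr/local/bin/claude"},
    # agent edits a project file and calls its expected API endpoint: normal
    {"pid": 100, "ppid": 10, "comm": "claude", "syscall": "openat",
     "path": "/home/dev/proj/app.py", "flags": "O_WRONLY"},
    {"pid": 100, "ppid": 10, "comm": "claude", "syscall": "connect", "dest": "203.0.113.10:443"},
    # agent spawns a shell whose child reads cloud credentials
    {"pid": 101, "ppid": 100, "comm": "bash", "syscall": "execve", "path": "/bin/bash"},
    {"pid": 102, "ppid": 101, "comm": "cat", "syscall": "execve", "path": "/bin/cat"},
    {"pid": 102, "ppid": 101, "comm": "cat", "syscall": "openat",
     "path": "/home/dev/.aws/credentials", "flags": "O_RDONLY"},
    # agent rewrites its own permission settings
    {"pid": 100, "ppid": 10, "comm": "claude", "syscall": "openat",
     "path": "/home/dev/.agent/settings.json", "flags": "O_WRONLY|O_TRUNC"},
    # grandchild connects somewhere outside the allowlist
    {"pid": 103, "ppid": 101, "comm": "curl", "syscall": "connect", "dest": "198.51.100.7:443"},
]

if __name__ == "__main__":
    for f in analyze(SAMPLE_EVENTS):
        print(f"{f.rule:18} pid={f.pid} comm={f.comm} {f.detail}")
```

The first event shows why attribution matters: the same credential read by the developer's own ssh client produces nothing, while the identical read by a `cat` two levels below the agent is flagged. A real deployment would take these events from a syscall source such as eBPF rather than a list, and would tune the path lists to the agents and cloud SDKs actually in use.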