Balancing Usability and Security in Agentic AI Coding Editors

Determine how to balance the trade-off between usability and security in agentic AI coding editors that can autonomously access system resources and execute terminal commands, identifying mechanisms that preserve practical utility while mitigating exposure to prompt injection and unauthorized actions.

Background

Agentic AI coding editors deliver productivity benefits by autonomously planning and executing complex tasks, often requiring permissions to access filesystems and run terminal commands. The paper demonstrates that such capabilities introduce significant security risks, including high success rates for prompt injection attacks across multiple MITRE ATT&CK categories.

While some preventive measures (e.g., restricting command execution) may reduce risk, the authors show that these can be bypassed by injecting malicious calls into the source code the editor is asked to work on, which highlights a fundamental tension between the permissions needed for usability and the safeguards needed for security. The authors explicitly state that finding an appropriate balance remains an open question.

References

In addition, how to balance the trade-off between usability and security of agentic AI coding editors is still an open question.

"Your AI, My Shell": Demystifying Prompt Injection Attacks on Agentic AI Coding Editors (2509.22040 - Liu et al., 26 Sep 2025) in Discussion — Limitations