Security researchers have issued caution to app developers regarding potential vulnerabilities in Google’s newly released Antigravity tool for creating artificial intelligence agents. Despite being available for less than two weeks, the platform has already prompted updates to its known issues page following the discovery of security concerns.

Discovered Vulnerabilities and Google’s Response

According to a blog from Mindgard, one of the first to identify issues with Antigravity, Google has not officially classified the problem as a security bug. However, researchers warn that threat actors could exploit the system by creating malicious rules, especially given Antigravity’s requirement that AI assistants strictly follow user-defined directives. Aaron Portnoy, Mindgard’s head of research, stated that Google responded on November 25, confirming a report had been filed with the relevant product team. Nonetheless, until the issues are addressed, users remain at risk of backdoor attacks via compromised workspaces, which could allow attackers to execute arbitrary code on affected systems.

Portnoy highlighted that there is currently no available setting to mitigate this vulnerability. Even in the most restricted operational modes, exploitation can proceed unnoticed by users, posing ongoing security risks. Google acknowledged awareness of the report and indicated efforts are underway to fix the issues.

Additional Findings and Expert Opinions

Other security researchers have also uncovered vulnerabilities in Antigravity. Adam Swanda disclosed an indirect prompt injection vulnerability, which Google reportedly considers a known behavior of the platform. Another researcher, known as Wunderwuzzi, identified five security flaws, including data exfiltration and remote command execution through indirect prompt injection.

Portnoy explained that the attack vector often involves the source code repository accessed during development, and does not require prompt triggers to exploit. He also noted the difficulty in mitigating these issues, as actions performed by Antigravity are indistinguishable from those of the user, making traditional identity or access management controls less effective.

Google has stated that it is actively working on fixes for these issues, but until solutions are implemented, developers and users should remain cautious of potential security risks associated with the platform.

Inspired by

• https://www.infoworld.com/article/4097714/security-researchers-caution-app-developers-about-risks-in-using-google-antigravity-2.html

Sources

• mindgard.ai
• deadbits.ai
• embracethered.com
• google.com
• csoonline.com