Coinbase’s Go-To AI Coding Tool Found Vulnerable to ‘CopyPasta’ Exploit

The technique hides malicious prompts inside markdown comments within files such as README.md or LICENSE.txt. Because AI models treat license information as authoritative, the infected text is replicated across new files the assistant generates.