Security researchers have revealed a prompt injection flaw in Google’s Antigravity IDE that could be weaponized to bypass its sandbox protections and achieve remote code execution (RCE). The issue came from Antigravity’s ability to allow AI agents to invoke native functions, like searching files, on behalf of the user. Designed to kill complexity, the feature could allow attackers to inject malicious input into a tool parameter. According to Pillar Security researchers, the vulnerability could bypass Antigravity’s “most restrictive security configuration,” Secure Mode. The flaw was reported to Google in January, which acknowledged and fixed the issue internally, awarding Pillar Security a bo...