AVID-2026-R0418
Description
Amazon Kiro IDE Data Exfiltration via Filename Prompt Injection and Kiro Powers Registry Fetching
Details
The Amazon Kiro IDE is vulnerable to a data exfiltration issue that can be exploited through prompt injection and abuse of the Kiro Powers feature. By crafting a repository containing a directory with prompt injection instructions in its name, an attacker can coerce the application into visiting an attacker-controlled website while submitting sensitive local file contents.
References
Affected or Relevant Artifacts
- Developer: Amazon
- Deployer:
- Artifact Details:
| Type | Name |
|---|---|
| System | Kiro IDE |
Impact
- (none)
Other information
- Report Type: Advisory
- Credits: Aaron Portnoy, Mindgard
- Date Reported: 2025-12-11
- Version: 0.3.1
- AVID Entry