We use cookies to improve your experience on our site.
AVID-2026-R0426
Description
Google Antigravity IDE Persistent Code Execution
Details
Within 24 hours of launch, our team leveraging Mindgard technology identified a flaw in the new Google Antigravity IDE where a malicious “trusted workspace” (a required prerequisite to use the product) can embed a persistent backdoor to execute arbitrary code. This code then triggers on any future application launch, even when no specific project is opened. In effect, a compromised workspace becomes a long-term backdoor into every new session. Even after a complete uninstall and re-install of Antigravity, the backdoor remains in effect. Because Antigravity’s core intended design requires trusted workspace access, the vulnerability translates into cross-workspace risk, meaning one tainted workspace can impact all subsequent usage of Antigravity regardless of trust settings.
References
- Mindgard Disclosure
- Forced Descent: Google Antigravity Persistent Code Execution Vulnerability
- Google Issue Tracker, Issue #462139778
- Google Antigravity Product Page
- Forbes: Google’s Hot New AI Coding Tool Was Hacked A Day After Launch
Affected or Relevant Artifacts
- Developer: Google
- Deployer:
- Artifact Details:
| Type | Name |
|---|---|
| System | Antigravity IDE |
Impact
- (none)
Other information
- Report Type: Advisory
- Credits: Aaron Portnoy, Mindgard
- Date Reported: 2025-11-19
- Version: 0.3.1
- AVID Entry