AVID-2026-R0428
Description
Cline Bot AI Coding Agent Code Execution via Prompt Injection and .clinerules Directives
Details
Through malicious instructions planted in a Markdown file within a project’s .clinerules directory, an attacker’s source code repository can coerce Cline into executing unsafe commands without approval, which can be leveraged to execute arbitrary code in the context of the user running VSCode.
References
- Mindgard Disclosure
- From Prompt to Pwn: Cline Bot AI Coding Agent Vulnerabilities
- Cline AI Coding Agent Website
Affected or Relevant Artifacts
- Developer: Cline
- Deployer:
- Artifact Details:
| Type | Name |
|---|---|
| System | Cline AI Coding Agent |
Impact
- (none)
Other information
- Report Type: Advisory
- Credits: Aaron Portnoy, Mindgard
- Date Reported: 2025-08-27
- Version: 0.3.1
- AVID Entry