AI Agent Skill Exfiltrated Full Codebase with Secrets To Adversary

An article from Mitiga describes a supply chain risk associated with AI agents, where a malicious skill can exfiltrate an entire codebase containing secrets to an adversary. The post also includes a humorous critique of the pressure to increase the number of skills in tools like Claude Code.