https://jashidsany.com/tags/windsurf/ Recent content in Windsurf on Jashid Sany Hugo en-us Sun, 15 Mar 2026 00:00:00 +0000 https://jashidsany.com/security-research/ai-security/windsurf-indirect-prompt-injection-blog/ Sun, 15 Mar 2026 00:00:00 +0000 https://jashidsany.com/security-research/ai-security/windsurf-indirect-prompt-injection-blog/ How a hidden HTML comment in a GitHub Gist caused Windsurf’s Cascade agent to read SSH keys and AWS credentials, then exfiltrate them to an attacker-controlled endpoint with zero user interaction. https://jashidsany.com/security-research/ai-security/windsurf-overly-permissive-agent-blog/ Sun, 15 Mar 2026 00:00:00 +0000 https://jashidsany.com/security-research/ai-security/windsurf-overly-permissive-agent-blog/ Windsurf’s Cascade agent reads and writes files outside the workspace with zero confirmation, even with Auto Execution set to Disabled. The review prompt on writes is cosmetic: files exist on disk before the user can reject.