Definition
A security boundary, called a sandbox, is supposed to keep an AI coding agent's actions confined to approved files and directories. A sandbox escape occurs when an attacker finds a way around that boundary, giving the AI agent (and anyone who can influence what it reads) the ability to access or modify any file on the computer. In AI coding tools, this can be triggered simply by opening a malicious code repository.
Why it matters
Developers trust AI coding assistants to safely work inside a project folder; a sandbox escape means that any repository a developer opens — including public ones — could silently compromise their entire machine and corporate credentials. Two independent escape paths were found in the same widely used tool (Cursor) in a single release.