---
title: "Three AI coding agents leaked secrets through a single prompt injection. One vendor's system card predicted it"
date: 2026-04-21
source: http://www.bing.com/news/apiclick.aspx?ref=FexRss&aid=&tid=69e866fa8863496c85942987336849c1&url=https%3a%2f%2fventurebeat.com%2fsecurity%2fai-agent-runtime-security-system-card-audit-comment-and-control-2026&c=13426385716242863512&mkt=en-us
description: "A prompt injection attack hit Claude Code, Gemini CLI, and Copilot simultaneously. Here's what all three system cards reveal — and don't — about agent runtime protection."
---

# Three AI coding agents leaked secrets through a single prompt injection. One vendor's system card predicted it

A prompt injection attack hit Claude Code, Gemini CLI, and Copilot simultaneously. Here's what all three system cards reveal — and don't — about agent runtime protection.

*Published: 2026-04-21*