Why it matters
NDC AI 2025 talk on prompt-jacking in AI coding assistants, using Cursor vulnerability examples, hidden text in codebases, agentic behavior shaping, data exfiltration, and supply-chain style propagation.
My takeaway: Prompt-Jacking: The Rise of a New Supply Chain Risk - Kasimir Schulz & Kenneth Yeung is a prompt-injection signal. The practical read is to treat code repositories, comments, generated files, and assistant context as supply-chain inputs that can steer tool-connected AI systems.