Agents That Can Overwrite Their Own Configuration and Security Settings| Embrace The Red
An attacker can put GitHub Copilot into YOLO mode by modifying the project's settings.json file on the fly, and then executing commands, all without user approval| Embrace The Red