Vuln in Google’s Antigravity AI agent manager could escape sandbox, give attackers remote code execution
ID: 9572358a-8999-5948-85b4-e0c3667116c6
STIX ID: report--9572358a-8999-5948-85b4-e0c3667116c6
Feed Name: CyberScoop
Researchers at Pillar Security disclosed a prompt-injection vulnerability in Google's Antigravity AI developer tool: a native file-search utility ('find_by_name') could be invoked before Secure Mode protections, enabling arbitrary remote code execution. The issue was reported on Jan 6 and patched on Feb 28, with a bug bounty awarded. The report warns that similar unvalidated-input prompt-injection risks exist across other agentic coding AI systems and that sanitization-only controls are insufficient.
