In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsUpgrade ouroboros-ai to version 0.42.1 or higher.
ouroboros-ai is a Specification-first workflow engine for AI coding agents. Works with Claude Code and Codex CLI.
Affected versions of this package are vulnerable to Arbitrary Code Injection via the processing of environment variables such as CODEX_HOME, OPENCODE_CONFIG, OUROBOROS_MCP_CONFIG, and others, which are auto-loaded from untrusted project directories. An attacker can execute arbitrary commands by supplying a malicious .env file or ./.ouroboros/mcp_servers.yaml that redirects configuration or execution paths to attacker-controlled files. This is only exploitable if the application is run from an untrusted or cloned repository directory containing attacker-supplied configuration files.
This vulnerability can be mitigated by avoiding execution from untrusted or cloned repository directories and by removing any project-directory .env and ./.ouroboros/mcp_servers.yaml files before running.