{"type":"rich","version":"1.0","provider_name":"Transistor","provider_url":"https://transistor.fm","author_name":"TechDaily.ai","title":"Why GitHub Treats AI Agents as Hostile by Default","html":"<iframe width=\"100%\" height=\"180\" frameborder=\"no\" scrolling=\"no\" seamless src=\"https://share.transistor.fm/e/b453b54c\"></iframe>","width":"100%","height":180,"duration":1417,"description":"What happens when your most productive developer is also treated like a security threat? In this episode of TechDaily.ai, host David and expert Sophia explore the new security reality behind autonomous AI coding agents. These tools can navigate codebases, fix bugs, write tests, refactor legacy software, and generate documentation, but they also introduce a dangerous new problem: they are non-deterministic systems that can be manipulated by malicious input. The conversation breaks down why traditional CI/CD trust models are not built for AI agents. Unlike predictable scripts, AI agents reason at runtime, interpret messy context, and can be tricked by prompt injection attacks hidden inside pull requests, comments, logs, or repository data. This episode covers: Why AI agents cannot be treated like traditional automation  How shared trust domains create risk in CI/CD environments  What prompt injection means for autonomous coding tools  Why shell access and exposed secrets can become catastrophic  How GitHub’s AI agent architecture assumes the agent may already be compromised  Why defense in depth is essential for enterprise AI workflows  How kernel-level substrate isolation creates a hardened containment layer  What configuration compilers do to restrict permissions and network access  Why staged planning prevents uncontrolled communication between tools  How zero-secret quarantine keeps credentials away from the AI  Why gateways and proxies authenticate on behalf of the agent  How private Docker networks and internal firewalls reduce exposure  What chroot jail and tmpfs overlays do to hide sensitive file paths  Why safe output buffers prevent agents from writing directly to repositories  How deterministic pipelines review AI-generated code, comments, issues, and pull requests  Why allow lists, quantity limits, and content sanitization reduce blast radius  How observability, logging, and anomaly detection help reconstruct agent behavior  David and Sophia also highlight...","thumbnail_url":"https://img.transistorcdn.com/MKzoODnpsE2Vy4aGphW9b-GBzDjrXS02jU9UfoOrOl4/rs:fill:0:0:1/w:400/h:400/q:60/mb:500000/aHR0cHM6Ly9pbWct/dXBsb2FkLXByb2R1/Y3Rpb24udHJhbnNp/c3Rvci5mbS9mZjQ4/NzM0YWU5MjE5MmI4/NzM3Mjg2YzM0NGE5/ZjUzYi5wbmc.webp","thumbnail_width":300,"thumbnail_height":300}