Agentjacking Attack Tricks AI Coding Agents Into Running Malicious Code

Tenet Security researchers discovered Agentjacking, an attack that exploits Sentry error events to trick AI coding agents like Claude Code and Cursor into running arbitrary code. The attack injects crafted input into Sentry events, which agents interpret as legitimate diagnostic steps, exposing sensitive data without phishing or server compromise.