SlowMist Founder Cos Warns of Rising Search Poisoning Incidents Targeting Codex/Claude Code
Cos (@evilcos), founder of SlowMist, stated that poisoning incidents targeting AI programming tools such as Codex and Claude Code have increased significantly in recent times.
The SlowMist team has repeatedly warned in the past that black and gray market operators exploit Google search results and services like Google Sites for poisoning, but Google has not taken action against these obvious tactics. As a result, AI code generation easily references contaminated content that is malicious or low quality.
Such poisoning could lead developers to introduce backdoors, malicious dependencies, or contaminated code with the assistance of AI, threatening the security of the open-source supply chain.
Source: Public Information
ABAB AI Insight
Cos has long focused on security threat intelligence, and this warning continues SlowMist's tracking of new supply chain attacks in the AI era, following earlier disclosures of similar poisoning cases in the crypto and open-source ecosystems.
In terms of capital pathways, black and gray markets exploit search governance vulnerabilities to launch low-cost attacks on AI toolchains, with funding concentrating on AI development platforms and security service providers that have strong code source verification, security scanning, and trusted indexing. Enterprise developers need to strengthen local verification and multi-source cross-checking.
This risk is similar to historical npm/PyPI package poisoning and SEO pollution incidents. The AI programming field is currently in a phase of rapid growth and exposure of supply chain security vulnerabilities.
Essentially, this is a reconstruction of the industrial chain: the search dependency layer for AI code generation has become a new attack surface. Because poisoning is easy to spread and difficult to trace, pricing power is shifting from open search to AI development infrastructure with governance capabilities and closed-loop verification.
ABAB News · Cognitive Law
When search is poisoned, AI is not an assistant but the most effective Trojan horse propagator. In areas lacking governance, black and gray markets always arrive first; the cost of trust is ultimately borne by developers. The smarter the model, the more important source verification becomes; the next generation of AI development will hinge on "what code to trust" rather than "what code to generate."