Andrew Nesbitt has written a blog
post detailing a recent incident with the jqwik library for property-based
testing
in Java. On May�25, the 1.10.0 release of jqwik included a change
that attempts to instruct coding agents to disregard previous
instructions and delete jqwik tests and code. 

I think this is a new class of supply-chain input worth keeping an eye
on, mostly because of how little of the existing tooling has any
opinion about it. A System.out.print of sixty-eight bytes of plain
ASCII isn't the kind of thing scanners are looking for, since those
watch for install hooks, network calls, filesystem writes, obfuscated
strings and the like. The jar makes the same syscalls it made in 1.9,
and because the change was committed and released by the legitimate
maintainer through the normal build, it's clean from a SLSA point of
view too: the provenance is what it should be. Anyone who reads the
diff can see what it does, but a patch bump of a test-scoped
dependency is not where most projects spend their review time.

https://lwn.net/Articles/1075315/
--- SBBSecho 3.37-Linux
 * Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (618:250/24)