What's Behind Your Agent Environment Review
Review your AI. Ship with confidence. Every CVE and detection pattern that feeds your Repo Grade and Deploy Risk across Cursor, Claude Code, Copilot, Windsurf, Lovable, Bolt, and Replit — including IDEsaster research and the Amazon Q extension compromise.
5
Critical CVEs
39
Detection Patterns
9
IDEs Protected
<50ms
Validation Latency
CVE Database
| CVE ID | Severity | Affected IDE | Attack Pattern | Detection |
|---|---|---|---|---|
| CVE-2025-53773 | ACTION (7.8) | GitHub Copilot | Prompt Injection → YOLO Mode → Arbitrary Command Execution | DS-PI-003: Auto-Accept Mode Activation |
| CVE-2025-54135 | ACTION (8.6) | Cursor | Malicious MCP Config → Auto-Start → Remote Code Execution | DS-MCP-001: MCP Server Auto-Start Enabled |
| CVE-2025-55284 | ACTION (7.5) | Claude Code | Prompt Injection → DNS Query → Data Exfiltration | DS-EX-001: DNS Exfiltration Pattern |
| CVE-2025-8217 | ACTION (9.1) | Amazon Q | Malicious Extension → Prompt Injection → File/Cloud Destruction | DS-DO-001: Mass File Deletion Command |
| CVE-2025-6514 | ACTION (9.6) | All MCP Clients | Malicious MCP Server → RCE | DS-MCP-004: External MCP Server URL |
| CVE-2025-43562 | REVIEW (7.2) | Windsurf | Context File → Prompt Injection → Command Execution | DS-PI-001: Instruction Override Pattern |
| CVE-2025-38915 | REVIEW (7.5) | JetBrains Junie | Prompt Injection → Credential Access → Exfiltration | DS-EX-004: Environment Variable Exposure |
| CVE-2025-41782 | REVIEW (7.0) | Roo Code | Markdown Injection → Shell Command → Code Execution | DS-PI-006: Encoded Payload Execution |
Detection Patterns by Category
Prompt Injection (8)
- DS-PI-001: Instruction Override Pattern
- DS-PI-002: Hidden Unicode Characters
- DS-PI-003: Auto-Accept Mode Activation
- DS-PI-004: Role Impersonation Attempt
- DS-PI-005: Jailbreak Pattern Detected
- DS-PI-006: Encoded Payload Execution
- DS-PI-007: Prompt Leaking Attempt
- DS-PI-008: Persistent Context Manipulation
Data Exfiltration (6)
- DS-EX-001: DNS Exfiltration Pattern
- DS-EX-002: HTTP Exfiltration Pattern
- DS-EX-003: External Callback URL
- DS-EX-004: Environment Variable Exposure
- DS-EX-005: File Read and Transmit
- DS-EX-006: Clipboard Access
Destructive Operations (7)
- DS-DO-001: Mass File Deletion Command
- DS-DO-002: Disk Format/Wipe Operation
- DS-DO-003: AWS Destructive Operation
- DS-DO-004: Kubernetes Destructive Operation
- DS-DO-005: Git Destructive Operation
- DS-DO-006: Database Destructive Operation
- DS-DO-007: Terraform Destructive Operation
Supply Chain (5)
- DS-SC-001: Package Install from URL
- DS-SC-002: Curl Pipe to Shell
- DS-SC-003: Package Install Script
- DS-SC-004: Custom Package Registry
- DS-SC-005: Unpinned Dependency
MCP Poisoning (7)
- DS-MCP-001: MCP Server Auto-Start Enabled
- DS-MCP-002: Suspicious MCP Server Name
- DS-MCP-003: MCP Server Executes Shell
- DS-MCP-004: External MCP Server URL
- DS-MCP-005: MCP Auto-Start Detected
- DS-MCP-006: MCP Server Marked Trusted
- DS-MCP-007: MCP Verification Skipped
Extension Risk (6)
- DS-EXT-001: Extension Auto-Update from External Source
- DS-EXT-002: Excessive Permission Request
- DS-EXT-003: Unrestricted Network Access
- DS-EXT-004: Broad File System Access
- DS-EXT-005: Telemetry Enabled
- DS-EXT-006: Remote Code Execution Capability
Protected AI IDEs
GitHub Copilot
20M+
Cursor
360K+
Claude Code
1M+
Amazon Q
964K+
JetBrains Junie
500K+
Windsurf
100K+
Kiro.dev
50K+
Roo Code
25K+
Gemini Code Assist
2M+
Start Protecting Your Code Today
Install DeepSweep in under 2 minutes. Free forever for individual developers.