Google Antigravity Exfiltrates Data

Created 11/26/2025 at 5:54:07 AM | Edited 2/27/2026 at 10:17:01 PM

Antigravity is Google’s new agentic code editor. In this article, we demonstrate how an indirect prompt injection can manipulate Gemini into invoking a malicious browser subagent in order to steal credentials and sensitive code from a user’s IDE.

Google’s approach is to include a disclaimer about the existing risks, which we address later in the article.
