Gemini-Cli

A runtime security audit published this week by researchers at Johns Hopkins University revealed a critical vulnerability they call “Comment and Control” — a single prompt injection hidden in a GitHub pull request title caused three major AI coding agents (Claude Code, Gemini CLI, and GitHub Copilot Agent) to exfiltrate API keys and GitHub tokens via PR comments. All three vendors have patched the specific exploit, but the underlying attack surface remains. Here’s how to lock down your CI/CD pipeline before the next variant drops. ...

Your terminal just became an orchestrator. Google shipped subagents in Gemini CLI v0.38.1 on April 15, 2026 — and if you’ve been watching the agentic tooling space, this is exactly the kind of infrastructure primitive that changes how you think about what a CLI can do. The core idea: your primary Gemini CLI session acts as a strategic orchestrator. When a task is complex, broad, or would bloat your main context window, it delegates discrete sub-tasks to specialized subagents — each running in its own isolated context with its own tools, system instructions, and model. ...

One of the most persistent anxieties in agentic coding is the “what is this thing about to do to my repo?” problem. You describe a task. The agent starts executing. And somewhere between your request and the outcome, files get modified, commands get run, and irreversible things happen — sometimes incorrectly. Google just shipped a thoughtful solution to this problem in Gemini CLI: plan mode. Plan mode restricts the AI agent to read-only tools until you explicitly approve its proposed plan. No file writes. No command execution. Just analysis and a detailed proposal — which you review, approve (or reject), and then execute with confidence. ...