Name of the Vulnerable Software and Affected Versions:

Roo Code versions 3.25.23 and below

Description:

Roo Code, an AI-powered autonomous coding agent, is susceptible to a flaw where VS Code workspace configuration files (.code-workspace) lack the same protection as files within the .vscode folder. If the agent is configured for auto-approval of file writes, an attacker leveraging prompt injection could introduce malicious workspace settings or tasks. Upon reopening the workspace, these tasks could execute arbitrary code.

Recommendations:

Update to version 3.26.0 or later.