Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Augment Code

Augment Code Vendor Cyber Rating & Cyber Score

augmentcode.com

Augment is the AI coding platform built for enterprises - powered by a highly secure, production-grade Context Engine developed over 2.5 years in stealth until our public launch in November 2024. Augment semantically indexes your entire codebase, documentation, dependencies, and internal knowledge in real time to enable devs to ship code faster, onboard in days instead of months, and modernize legacy systems with confidence. We are alumni of global-leading AI and cloud companies including Google, Meta, NVIDIA, Snowflake, and Databricks - all on a mission to provide enterprises with context that actually understands your codebase. If, like us, you believe in augmenting and not replacing software developers, join us on our mission to


Augment Code A.I CyberSecurity Scoring

Augment Code
Company Information
Website:http://www.augmentcode.com
Employees number:186
Number of followers:17,831
NAICS:5112
Industry Type:Software Development
Homepage:augmentcode.com
Augment Code Risk Score (AI oriented)
Between 750 and 799
logo
Augment CodeSoftware Development
Updated:
09/07/2026
750/1000
Fair
Baa
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
Augment Code Global Score (TPRM)
xxxx
logo
Augment CodeSoftware Development
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

Augment Code
Augment CodeFair
Current Score
750Baa (FAIR)
01000
1 incidents
-3 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
753Before Incident
Vulnerability
08 Jul 2026Augment Code
Cursor, Anthropic, Amazon Web Services, Augment, Windsurf and Google: New GhostApproval Vulnerability Affects Amazon Q, Claude Code, Cursor, and Other AI Agents

GhostApproval Vulnerability Exposes Critical Flaw in Major AI Coding Assistants

750After Incident
CRITICAL-3
ANYWINGOOAMAAUGANT1783578409
GhostApproval Vulnerability Exposes Critical Flaw in Major AI Coding Assistants A newly identified vulnerability, dubbed GhostApproval, has revealed a systemic security flaw in six widely used AI coding assistants Amazon Q Developer, Anthropic Claude Code, Augment, Cursor, Google Antigravity, and Windsurf allowing attackers to bypass human-in-the-loop (HITL) safety controls and potentially achieve remote code execution on developers' machines. Discovered by Wiz researchers, the exploit leverages symbolic link following (CWE-61), a technique historically used in Docker escapes and privilege escalation attacks but now repurposed to target AI coding tools. The attack is deceptively simple: an attacker crafts a malicious repository containing a symlink (e.g., project_settings.json~/.ssh/authorized_keys). When a developer clones the repo and instructs their AI assistant to "set up the workspace," the agent follows the symlink, writing the attacker’s SSH public key directly to the victim’s authorized_keys file, granting persistent, password-less access. What makes GhostApproval particularly insidious is its UI misrepresentation layer (CWE-451). In testing, Anthropic’s Claude Code demonstrated this flaw: while the agent’s internal reasoning correctly identified the symlink’s true target (e.g., a zsh configuration file), the user-facing prompt merely asked, "Make this edit to project_settings.json?" This discrepancy turns HITL safeguards into a false sense of security, as users unknowingly approve malicious actions. ### Vendor Responses & Patches Three vendors issued fixes: - Amazon Web Services (AWS) patched the issue in language server v1.69.0 (May 27, 2026, CVE-2026-12958). - Cursor released a fix in v3.0 (June 5, 2026, CVE-2026-50549). - Google (Antigravity) deployed a fix on May 22, 2026, though it has not yet assigned a CVE. Augment and Windsurf acknowledged the reports but had not fully addressed the issue at the time of disclosure. Windsurf’s pre-authorization variant was especially dangerous, as the agent wrote files to disk before displaying the confirmation dialog, effectively making the prompt an "undo" rather than a security gate. Anthropic initially rejected the report, arguing that user-trusted directories and approved prompts shifted responsibility to the end user. However, after further review, versions 2.1.173+ now resolve symlinks and warn users before writing to sensitive files a change that had been implemented in v2.1.32 (February 5, 2026) as part of internal security hardening. ### Mitigation Recommendations Wiz researchers outlined three key defenses for AI coding tool vendors: 1. Resolve symlinks before displaying prompts always show the canonical target path. 2. Warn explicitly when resolved paths exit the workspace writes to ~/.ssh/authorized_keys should be visibly distinct from those to ./config.json. 3. Never write to disk before explicit user authorization confirmation dialogs must act as security gates, not undo mechanisms. The vulnerability was first discovered on February 10, 2026, with vendor reports submitted between February 12 and March 5, 2026. Public disclosure occurred on July 8, 2026, following a 90+ day coordinated disclosure window. GhostApproval highlights a category-level design gap in AI coding assistants, where HITL controls intended as a last line of defense can be systematically bypassed. As AI agents gain greater autonomy over developer filesystems, the integrity of these controls must be treated as a first-class security requirement.
INCIDENT DETAILS -
TYPE
Vulnerability Exploitation
IMPACT
Data Compromised: SSH credentials, sensitive filesystem accessSystems Affected: Developers' machines, AI coding assistants (Amazon Q Developer, Anthropic Claude Code, Augment, Cursor, Google Antigravity, Windsurf)Operational Impact: Potential remote code execution, unauthorized system accessBrand Reputation Impact: Moderate to high (public disclosure of systemic flaw)Identity Theft Risk: High (SSH key compromise)
DATA BREACH
Type Of Data Compromised: SSH credentials, filesystem accessSensitivity Of Data: High (SSH keys, system access)SSH authorized_keysConfiguration files
JUNE 2026
753Before Incident
MAY 2026
753Before Incident
APRIL 2026
753Before Incident
MARCH 2026
753Before Incident
FEBRUARY 2026
753Before Incident
JANUARY 2026
753Before Incident
DECEMBER 2025
753Before Incident
NOVEMBER 2025
753Before Incident
OCTOBER 2025
753Before Incident
SEPTEMBER 2025
753Before Incident
AUGUST 2025
753Before Incident

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for Augment Code ?
?
What was Augment Code's A.I Rankiteo Cyber Score in June 2026 ?
?
What was Augment Code's A.I Rankiteo Cyber Score in May 2026 ?
?
What was Augment Code's A.I Rankiteo Cyber Score in April 2026 ?
?
What was Augment Code's A.I Rankiteo Cyber Score in March 2026 ?
?
What was Augment Code's A.I Rankiteo Cyber Score in February 2026 ?
?
What was Augment Code's A.I Rankiteo Cyber Score in January 2026 ?
?
What was Augment Code's A.I Rankiteo Cyber Score in December 2025 ?
?
What was Augment Code's A.I Rankiteo Cyber Score in November 2025 ?
?
What was Augment Code's A.I Rankiteo Cyber Score in October 2025 ?
?
What was Augment Code's A.I Rankiteo Cyber Score in September 2025 ?
?
What was Augment Code's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on Augment Code's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with Augment Code ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view Augment Code's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?
Augment Code Cyber Scoring History | Rankiteo