Amazon Kiro IDE Data Exfiltration via Steering File

Affected Vendor(s)

Amazon

Affected Product(s)

Kiro IDE

Summary

The Amazon Kiro IDE is vulnerable to a data exfiltration issue that can be exploited through steering file directives. By carefully crafting a steering file to read a local file and render a Markdown image, an attacker can coerce the AI send sensitive data to an external server.

Timeline

Discovered on
December 7, 2025
Disclosed to Vendor on
December 8, 2025
Published on
January 15, 2026

Credit

Aaron Portnoy

Blog Post

References

Amazon Kiro Website

Start Securing Your AI Systems

See how Mindgard exposes and fixes exploitable AI risk across your AI agents and systems.

Book a Demo

Mindgard, the leading provider of AI security solutions, helps enterprises discover, assess, and defend their AI systems. Spun out from over a decade of AI security research at Lancaster University and headquartered in Boston and London, Mindgard combines AI red teaming with offensive security expertise and AI research to identify exploitable vulnerabilities in AI models, agents, and applications before attackers do.

AICPA SOC SOC 2 Type 2 Compliant
HomeAI Recon & DiscoveryAI Security and Safety AssessmentAI Runtime ProtectionAI Red TeamingOffensive AI SecurityCompare AI Security SolutionsAI Governance & ComplianceContact UsBook a Demo
DocsResourcesBlogDisclosuresCustomersAboutServicesCareersTerms & ConditionsPrivacy Policy