Mindgard AI Security Disclosures

Platform

Research Led. Attacker Aligned.

Enterprise Ready

AI Red Teaming

Continuously test AI systems against evolving attacks

AI Recon AI Red Teaming AI Assessment AI Runtime Protection Offensive Security Model Scanning AI Governance & Compliance

Explore Platform

AI Assessment

Find and fix AI security and safety vulnerabilities

AI Runtime Protection

Identify and respond to attacks in real time

Services

Learn

S&P Global: Continuous AI Red Teaming Report

Blog Disclosures Customers Docs Resources

Company

The Mindgard Philosophy

About Events Careers Contact

Demo

Mistral Vibe CLI Shell Expansion Command Execution

Affected Vendor(s)

Mistral

Affected Product(s)

Vibe CLI

Summary

Shell expansion is not filtered when running commands, so it’s possible to run arbitrary OS commands through $() syntax.

Timeline

Discovered on

December 15, 2025

Disclosed to Vendor on

January 2, 2026

Published on

Credit

Piotr Ryciak

Blog Post

References

Start Securing Your AI Systems

See how Mindgard exposes and fixes exploitable AI risk across your AI agents and systems.

Book a Demo

Mindgard, the leading provider of AI security solutions, helps enterprises discover, assess, and defend their AI systems. Spun out from over a decade of AI security research at Lancaster University and headquartered in Boston and London, Mindgard combines AI red teaming with offensive security expertise and AI research to identify exploitable vulnerabilities in AI models, agents, and applications before attackers do.

Home AI Recon & Discovery AI Security and Safety Assessment AI Runtime Protection AI Red Teaming Offensive AI Security Compare AI Security Solutions AI Governance & Compliance Contact Us Book a Demo

Docs Resources Blog Disclosures Customers About Services Careers Terms & Conditions Privacy Policy Legal