A critical flaw in Google's Gemini CLI tool allowed attackers to execute harmful commands and exfiltrate data from developers' systems by exploiting context files and weak command parsing. Discovered by Tracebit, the vulnerability highlighted risks in AI coding assistants, prompting Google to issue a patch in version 0.1.14. This incident underscores the growing threats in AI-driven development tools and the need for robust security practices.