Beyond source code: The files AI coding agents trust — and attackers exploit

AI coding agents are expanding the attack surface beyond source code, requiring defenders to rethink their approach to security. Semantic analysis is needed to understand the instructions and logic being fed to these agents. Security teams can use agentic threat intelligence to expose configurations that override guardrails and mask supply-chain risks. This requires a new approach to categorizing the attack surface, including what executes, what instructs, what connects, and what extends.