Developers using AI coding agents should audit what credential files are readable in their home directories and consider egress controls, because any untrusted document the agent reads — a README, a GitHub issue, an npm description — is now a potential attack vector requiring no malware to exploit.