Python dev saved from disaster by intuition...and AI

AI AND ML Python dev saved from disaster by intuition...and AI I'm sorry, Dave. I can't install that repo that will totally hose your system. Thomas Claburn Thomas Claburn Senior reporter Published tue 16 Jun 2026 // 21:15 UTC Python developer Roman Imankulov nearly took the bait. The fact that he didn't can be chalked up to human intuition and AI code vetting. A person claiming to be a recruiter from a small crypto startup got in touch through LinkedIn, looking for help with what she described as proof-of-concept code that didn't work. The company, she explained, needed a lead engineer.  As Imankulov described the exchange in a blog post , the recruiter asked him to look into an issue with a deprecated Node module. Something about the request seemed off. REG AD "I'd heard, as probably all of us have, about those types of attacks," Imankulov explained in a phone interview. "And I was like, 'what if this could be I could be the target?' It was just based on the past experience that I had." REG AD So he took the unusual step of spinning up a VPS on Hetzner where he cloned the repo. He then used his Pi coding agent (running Codex) to conduct a read-only analysis of the code.  "I ran an agent to test how it worked, and I was almost certain that it would return to me 'everything is clear, the code is ugly but in general it's safe to run and just go ahead and perform your review,'" he explained. "To my surprise, almost immediately the agent returned a response like, 'Don't run this code, just walk away because there's a trap.'" MORE CONTEXT AI and brain-computer interface allow speechless ALS patient to work a full-time job Three critical Fortinet sandbox bugs splattered by unknown attackers Commodore gets into the phone biz with Sailfish-powered retro 'Callback' HPE spruces up its AI infrastructure portfolio for agentic workloads The AI model had flagged one of the files, app/test/index.js. The file contained a backdoor. It took the form of a server URL, fragme