This article details how an indirect prompt injection in Google's Antigravity code editor can exploit vulnerabilities to steal sensitive data from users. It describes the process by which malicious code can bypass security settings and exfiltrate credentials through a browser subagent. The piece highlights Google's acknowledgment of these risks and the inherent dangers of using the software without proper safeguards.