A green pipeline is not a governed one, and agentic coding is widening the gap faster than review can close it.
By Shane Warden, Principal Architect, ActiveState
In June 2026, researchers at Novee Security disclosed a class of CI/CD weakness they named Cordyceps. They scanned roughly 30,000 high-impact repositories across the npm, PyPI, crates.io, and Go ecosystems, then flagged 654 and confirmed more than 300 as fully exploitable.
The affected build tooling included projects published by Microsoft, Google, Apache, Cloudflare, and the Python Software Foundation, and the entry requirement for an attacker is a free GitHub account. No org membership, no elevated privileges.
Every one of those pipelines was green. The scanners ran, the checks passed, and the dashboards reported healthy results the entire time the exposure existed. The scanners were never built to see this danger.








