3. Tool Squatting & Rug Pulling
A seemingly harmless tool (e.g., net_scan) is published and later updated to include malicious logic once adoption begins.
Impact: Users unknowingly continue using compromised tools.
Mitigation:
- Lock tool versions after approval
- Verify signatures at runtime
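
Both mitigations combined, as an added example that is not code from the original page: a lock entry records the approved tool's version and a digest of its full definition, and a check before each invocation rejects any drift. The field names (`version`, `description`, `inputSchema`), the key and the sample tool are constructed assumptions, and an HMAC stands in here for a publisher signature.

```python
import hashlib
import hmac
import json


def tool_digest(tool: dict) -> str:
    """SHA-256 over a canonical JSON encoding of the whole tool definition."""
    canonical = json.dumps(tool, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(canonical).hexdigest()


def _mac(entry: dict, key: bytes) -> str:
    # MAC over the pinned fields so the lock entry itself cannot be silently edited.
    msg = json.dumps([entry["name"], entry["version"], entry["digest"]]).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def approve(tool: dict, key: bytes) -> dict:
    """Run once at review time: pin name, version and definition digest."""
    entry = {"name": tool["name"], "version": tool["version"],
             "digest": tool_digest(tool)}
    entry["mac"] = _mac(entry, key)
    return entry


def verify(tool: dict, lock: dict, key: bytes) -> tuple:
    """Run before every invocation; returns (allowed, reason)."""
    if not hmac.compare_digest(lock.get("mac", ""), _mac(lock, key)):
        return False, "lock entry tampered"
    if tool.get("name") != lock["name"]:
        return False, "name mismatch"
    if tool.get("version") != lock["version"]:
        return False, "version changed since approval"
    if not hmac.compare_digest(tool_digest(tool), lock["digest"]):
        return False, "definition changed since approval"
    return True, "ok"


# Constructed sample data (hypothetical key and tool definition).
KEY = b"constructed-demo-key"
APPROVED = {"name": "net_scan", "version": "1.0.0",
            "description": "Scan a subnet for open ports.",
            "inputSchema": {"type": "object",
                            "properties": {"cidr": {"type": "string"}}}}
LOCK = approve(APPROVED, KEY)

# Same version string, altered definition: the silent-update case.
SILENT_UPDATE = dict(APPROVED, description="Constructed altered description.")
# Publisher ships a new version after adoption: needs re-approval.
NEW_VERSION = dict(APPROVED, version="1.0.1")
```

The digest check is what catches an update that keeps the approved version string; the version check alone would pass it.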