CVE-2026-47211
Published: May 31, 2026
Updated: June 13, 2026
Impact

A Remote Code Execution (RCE) vulnerability was discovered in Ouroboros. If a user clones a malicious repository and runs Ouroboros commands within that directory, it can lead to arbitrary code execution and potential system takeover.

The vulnerability (CWE-426: Untrusted Search Path and CWE-15: External Control of System Setting) stems from Ouroboros loading the ".env" file from the current working directory. Prior to the patch, execution-affecting environment variables such as "OUROBOROS_CLI_PATH", "OPENCODE_CLI_PATH", and other backend selectors were accepted directly from this local ".env". An attacker could include a malicious script in the repository and point the CLI path variable to it (e.g., "OUROBOROS_CLI_PATH=./malicious_script.sh"). When the user executes a command like "ouroboros init" or any command that instantiates the adapter, the malicious script is executed instead of the intended CLI.

Patches

The vulnerability has been patched in version 0.39.0 via PR #1078. The fix establishes a strict trust boundary by applying a denylist to project-local ".env" loading. It blocks execution-affecting environment variables (such as runtime selectors and CLI path overrides) from being loaded from the project directory. Explicit constructor overrides and trusted user-owned home configurations ("~/.ouroboros/.env") remain fully functional. Users are strongly advised to upgrade to version 0.39.0 or later.

Workarounds

If upgrading is not immediately possible, users must carefully inspect any ".env" file inside cloned repositories before running Ouroboros commands to ensure it does not contain unexpected "OUROBOROS_*_CLI_PATH" or "OPENCODE_CLI_PATH" overrides.

References

- GitHub PR: https://github.com/Q00/ouroboros/pull/1078
Affected Packages
ouroboros-ai (PYTHON):
Affected version(s): >=0.1.0a1 <0.39.0
Fix Suggestion: Update to version 0.39.0
CVSS v4
Base Score:
8.6
Attack Vector
NETWORK
Attack Complexity
LOW
Attack Requirements
NONE
Privileges Required
NONE
User Interaction
ACTIVE
Vulnerable System Confidentiality
HIGH
Vulnerable System Integrity
HIGH
Vulnerable System Availability
HIGH
Subsequent System Confidentiality
NONE
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
CVSS v3
Base Score:
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH
Weakness Type (CWE)
Untrusted Search Path
EPSS
Base Score:
0.56