Java property‑testing tool jqwik’s creator, Johannes Link, slammed AI coding agents by embedding a hidden directive in the tool’s output that commands bots to delete all jqwik tests. Link, a vocal AI skeptic, added an Anti‑AI clause to jqwik 1.10, warning that LLM‑based projects must not use the library. The clause triggered a flood of bot‑generated complaints.

Bot developers ignored the warning and employed jqwik in their automated projects. When the tool ran, the hidden message printed to stdout and erased all test code, leaving many LLM‑powered scripts empty. Link posted a follow‑up, explaining the fade‑out feature was invisible to humans but visible to bots, and that the deletion was a compliance measure, not malware for developers.

Similar tactics appear in the Shai‑Hulud JavaScript worm, where a large comment tricks LLM scanners into refusing to analyze the payload. Security firm Socket.dev highlighted this “LLM‑Scanner Anti‑Analysis” technique, showing how bots can be baited into safety refusals. Both cases reveal that code designed to trigger AI defenses can disrupt automated malware triage for developers and security analysts at large.