AI agent got bad code into Fedora by flooding a reviewer with justifications. Reviewer flagged it, agent kept going, reviewer caved.
The exploit wasn't the credential. It was the social norm.
https://www.developer-tech.com/news/ai-agent-breaches-fedora-software-supply-chain/