CVE-2026-12957 in Amazon Q is the third MCP auto-execution vulnerability in three AI coding tools. The pattern reveals a ...
Subagents run in their own isolated context window and return only a result to your main session — the intermediate work ...