the shai-hulud supply-chain campaign spread from npm into the python pypi ecosystem, shifted from compromising individual maintainers to abusing ci/cd pipelines, and introduced prompt injection specifically to evade ai-based security scanners. using prompt injection to defeat ai defenses is a structurally new tactic where attackers weaponize the blind spots of automated ai review.