Dear fans of Lazy Coding. Check out antigravity.. This really is a great enhancement. It allows you to choose between sonnett and gemini, works super smooth and is no hustle to implement as other coding assistants were.
4 Likes
Will wait until Google realizes it needs to provide an AppImage as well.
Be careful out there. Antigravity is known to have at least one serious security flaw:
https://x.com/p1njc70r/status/1991231714027532526?s=61
Friendly advice, Be careful when using Google’s Antigravity IDE with sensitive data (API keys, secrets…)
Attackers can hide instructions in code comments, documentation pages, or MCP servers and easily exfiltrate that information to their domain using Markdown Image rendering
Google is aware of this issue and flagged my report as intended behavior
Overall the security of this new IDE is terrible, despite being basically Windsurf. Windsurf had already fixed this and other issues when @wunderwuzzi23 reported them. Shouldn’t be acceptable for a company like Google to have a product with such poor security and issues that have been known for +2 years.
2 Likes
Thank you @jeremyruston! To understand the risk:
Attackers can induce compromising code via MCP-Servers or repositories. If you use it but on own code on the hard disc it would be safe?
I have a separate computer for using these types of tools, or for accessing code via npm. Not only is it a separate computer to my personal machine, but I use a number of linux installations on a number of usb sticks - one for each project.
My problem using Antigravity (Sonnet 4.5) for TW ist that it is far more hungry than coding simple PHP for example. In PHP it takes two hours to use my quota. With TW it is 40 Minutes.