CVE-2025-53097 Roo Code extension vulnerable to Potential Information Leakage via JSON Schema

Roo Code is an AI-powered autonomous coding agent. Prior to version 3.20.3, there was an issue where the Roo Code agent's searchfiles tool did not respect the setting to disable reads outside of the VS Code workspace. This means that an attacker who was able to inject a prompt into the agent coul...