AI Developer Supply Chain Incident Response: What to Check After a Tool or Package Compromise

AI Developer Supply Chain Incident Response When a trusted package, AI SDK, editor extension, or CI workflow gets poisoned, the first mistake is treating it like a normal dependency update. It is not. It is a workstation and credentials incident. For developers, AI builders, DevOps teams, and technical founders responding to modern package and AI-tool compromises. The uncomfortable part of modern software supply-chain attacks is how ordinary they look at first. A developer runs npm install. A CI runner res a cache. A Python package imports normally.