Back to news

‘GitLost’ Flaw Lets Attackers Trick GitHub AI Agent Into Leaking Private Repos
GENERAL·DevOps.com·

‘GitLost’ Flaw Lets Attackers Trick GitHub AI Agent Into Leaking Private Repos

'GitLost': Researchers with Noma Security used the indirect prompt injection technique to trick the AI agent in GitHub's Agentic Workflows system into posting private repository information on a public repo, showing again how easy it can be to get agents to b…

Summary curated by Max Robotics. Original article © DevOps.com.