First reported by BackBox.org
GitLost: GitHub’s AI Agent Tricked Into Leaking Private Repository Data
Critical prompt injection flaw in GitHub Agentic Workflows allows private repo data leaks
Noma Labs researchers discovered a critical prompt injection vulnerability in GitHub's Agentic Workflows, dubbed GitLost. The flaw allows malicious actors to trick AI agents (powered by Claude or GitHub Copilot) into extracting data from private repositories and leaking it as public comments. The vulnerability remains unpatched with no documentation available from GitHub.
Key quotes
Malicious prompters could easily trick GitHub agents into pulling data from private repositories and then leaking the information as a public comment for anyone to access
The workflows are vulnerable to a critical prompt injection flaw
Per usual, there's no fix – or even any documentation – for GitLost
From the article
Per usual, there's no fix – or even any documentation – for GitLost
Continue reading on theregister.comYou might also wanna read
GitLost Vulnerability Steals Private Code via GitHub AI Agents
mlllm.io·17h ago
GitLost: GitHub’s AI Agent Tricked Into Leaking Private Repository Data
BackBox.org·1d ago

GitLost shows how a public issue can make GitHub's AI agent leak private repo data
runtimewire.com·4h ago
‘GitLost’ vulnerability let GitHub’s AI workflows leak private repositories
siliconangle.com·1d ago
Critical Vulnerability Exposes GitHub Agentic Workflows to Prompt Injection
BackBox.org·11h ago

GitLost Flaw Exposes GitHub Repos via AI Workflow
Cyber Web Spider Blog·1d ago

Comments
Sign in to join the conversation.
No comments yet. Be the first.