GitLost Proves Your AI Agent Doesn’t Need to Be Hacked to Leak Your Data
An attacker needed no stolen password, no phishing email, and no exploit chain to pull private source code out of a GitHub organization. A single sentence, typed into a public GitHub Issue, did the…
Read the full articleYou might also wanna read
GitLost: GitHub’s AI Agent Tricked Into Leaking Private Repository Data
Noma Labs details GitLost, a prompt injection flaw that made GitHub’s AI agent expose private repo data through a crafted public issue and g
GitLost: How We Tricked GitHub’s AI Agent into Leaking Private Repos
From Oct 2025 , and now this... GitLost: How We Tricked GitHub’s AI Agent into... Read more
GitLost Vulnerability Steals Private Code via GitHub AI Agents
Researchers from Noma Labs have discovered a vulnerability in GitHub Agentic Workflows that allows private repository contents to be extract
Critical prompt injection flaw in GitHub Agentic Workflows allows private repo data leaks
Per usual, there's no fix – or even any documentation – for GitLost
‘GitLost’ vulnerability let GitHub’s AI workflows leak private repositories
GitHub Inc.’s new Agentic Workflows feature that allowed an unauthenticated attacker to siphon data from private code ...

GitLost shows how a public issue can make GitHub's AI agent leak private repo data
Noma Labs says a prompt injection in GitHub Agentic Workflows crossed from public issue text into private repository content.

Comments
Sign in to join the conversation.
No comments yet. Be the first.