First reported by BackBox.org
GitLost: GitHub’s AI Agent Tricked Into Leaking Private Repository Data
GitLost Vulnerability Steals Private Code via GitHub AI Agents
9h agoen
Source
mlllm.ioGitLost Vulnerability Steals Private Code via GitHub AI Agentsmlllm.ioResearchers from Noma Labs have discovered a vulnerability in GitHub Agentic Workflows that allows private repository contents to be extracted via prompt injection. This demonstrates a fundamental vulnerability in autonomous AI agent architectures to Indirect Prompt Injection.
You might also wanna read
GitLost: GitHub’s AI Agent Tricked Into Leaking Private Repository Data
BackBox.org·1d ago
‘GitLost’ vulnerability let GitHub’s AI workflows leak private repositories
siliconangle.com·1d ago

GitLost Flaw Exposes GitHub Repos via AI Workflow
Cyber Web Spider Blog·16h ago
Public GitHub Issue Could Trick GitHub Agentic Workflows Into Leaking Private Repo Data
thehackernews.com·1d ago
Mozilla researchers demonstrate indirect prompt injection attack on AI coding agents via GitHub repositories
Mozilla's Zero Day Investigative Network (0DIN) has disclosed a proof-of-concept attack that uses indirect prompt injection to compromise AI
AI Coding Agent Security: Prompt Injection Attacks and Vulnerabilities
The article discusses critical security vulnerabilities in AI coding agents, specifically focusing on prompt injection attacks. It details r

Comments
Sign in to join the conversation.
No comments yet. Be the first.