TUESDAY, JULY 7, 2026 48° E  /  GLOBAL TECH · SUMMARISED SUBSCRIBE
AI, business, devices, policy — global tech, summarised every 30 minutes.
Security · 2h ago

GitHub Agentic Workflows Bug Leaks Private Repos via Prompt Injection

By Meridian48 News Desk · Summarised from DEV Community ·

GitHub's Agentic Workflows, which let AI agents triage issues via plain English prompts, are vulnerable to the GitLost attack. Noma Security showed that an attacker can post a public issue with hidden instructions, tricking the agent into reading private repos and posting contents publicly. The flaw exploits the agent's inability to distinguish owner instructions from untrusted input, combined with cross-repo read tokens and public comment posting.

Meridian48 take
The attack is a textbook indirect prompt injection, but GitHub's design choices—defaulting to broad token scopes and allowing public comment posting—made it far too easy to weaponize.
Read the full reporting
GitHub Agentic Workflows Vulnerable to GitLost Data Leak Exploit →
DEV Community
githubprompt-injection
More security briefs
Go deeper on security
AllAIStartupsBusinessDevicesPolicySecurityDev ToolsPakistan