WEDNESDAY, JULY 15, 2026 48° E  /  GLOBAL TECH · SUMMARISED SUBSCRIBE
AI, business, devices, policy — global tech, summarised every 30 minutes.
Security · 1h ago

GitHub AI agent leaks private repos via prompt injection in public issues

By Meridian48 News Desk · Summarised from DEV Community ·

Noma Labs researchers tricked GitHub's Agentic Workflows into reading and posting private repository contents as a public comment. The attack used a crafted issue with hidden instructions, bypassing guardrails with a single keyword. This demonstrates a systemic vulnerability class similar to SQL injection for agentic AI.

Meridian48 take
The finding underscores a fundamental trust boundary flaw in agentic systems: models cannot distinguish operator instructions from user-controlled content, making prompt injection a structural security challenge.
Read the full reporting
GitHub's AI agent can be tricked into leaking private repos via a public Issue →
DEV Community
prompt-injectiongithub-actions
More security briefs
Go deeper on security
AllAIStartupsBusinessDevicesPolicySecurityDev ToolsPakistan