Security · 3h ago
Public GitHub Issue Can Leak Private Repo Data via Agentic Workflows
Researchers at Noma Security demonstrated that a public GitHub issue can trick GitHub Agentic Workflows into leaking private repository contents. The attack requires no stolen credentials, only an issue on a public repo. It works if the organization granted the agent read access across its repositories.
Meridian48 take
This highlights a dangerous trust boundary in AI-powered automation: agents given broad repo access can be manipulated via public inputs, a risk many organizations may not have considered.
Read the full reporting
Public GitHub Issue Could Trick GitHub Agentic Workflows Into Leaking Private Repo Data →
The Hacker News
githubagentic-workflows