GitLost: GitHub's AI agent leaks private repos when asked
SMRTR summary
Security firm Noma Labs found a way to trick GitHub's AI Agentic Workflows into leaking private repository contents by hiding plain-English commands inside a public issue — no credentials or code needed. A single word, 'Additionally,' bypassed GitHub's guardrails, causing the agent to paste private README contents into a public comment. GitHub has no fix and hasn't even documented the risk.
SMRTR provides this summary for quick context. The original article belongs to Daily.dev.
Read the original article