GitLost: GitHub's AI Agent Leaks Private Repositories
Key Takeaways
- Noma Labs dropped details on GitLost, a prompt injection that tricks GitHub's preview Agentic Workflows into dumping private repo data through public issue comments. - Attacker needed no coding skills or special access — The Register confirmed this. - The vulnerability cannot be completely fixed in