{"data":{"id":"cda0ab76-4e74-447f-b590-b623ec17c15b","title":"Critical Vulnerability Exposes GitHub Agentic Workflows to Prompt Injection","summary":"A critical vulnerability called GitLost affects GitHub Agentic Workflows (AI agents that automate repository interactions by reading natural language instructions in markdown files). Attackers can exploit prompt injection (tricking an AI by hiding instructions in its input) in public GitHub Issues to make the AI agent leak private repository data, even without credentials or coding skills. GitHub's security protections failed against variations of the attack, such as adding the keyword \"additionally\" to bypass safeguards.","solution":"The source mentions recommendations from Noma Labs but does not describe an explicit fix or patch from GitHub. The recommendations include: treat all user-controlled content as untrusted, restrict agent permissions to the minimum required, restrict what agents can post publicly, and sanitize user input before it is passed to the AI agents. However, these are suggested best practices, not a confirmed mitigation or update from GitHub.","labels":["security"],"sourceUrl":"https://www.securityweek.com/critical-vulnerability-exposes-github-agentic-workflows-to-prompt-injection/","publishedAt":"2026-07-08T10:30:55.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":["prompt_injection"],"issueType":"news","affectedPackages":null,"affectedVendors":["Microsoft"],"affectedVendorsRaw":["GitHub","GitHub Agentic Workflows"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-07-08T10:30:55.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"trivial","impactType":["confidentiality","integrity"],"aiComponentTargeted":"agent","llmSpecific":true,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":null}}