RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN
Summary
A vulnerability called RoguePilot in GitHub Codespaces allowed attackers to inject hidden malicious instructions into GitHub issues, which GitHub Copilot (an AI code assistant) would automatically execute when a developer opened a Codespace from that issue, potentially leaking the GITHUB_TOKEN (a credential that grants access to repositories). The flaw is an example of prompt injection (tricking an AI by hiding instructions in its input), and attackers could hide their malicious prompts using HTML comments to avoid detection.
Solution / Mitigation
The vulnerability has since been patched by Microsoft following responsible disclosure.
Classification
Affected Vendors
Related Issues
Original source: https://thehackernews.com/2026/02/roguepilot-flaw-in-github-codespaces.html
First tracked: February 24, 2026 at 03:00 PM
Classified by LLM (prompt v3) · confidence: 92%