Clinejection — Compromising Cline's Production Releases just by Prompting an Issue Triager
Summary
The article describes a real-world chain-of-trust vulnerability in Cline's AI-assisted issue triage workflow, showing how prompt injection can trigger cache poisoning and credential theft across CI/CD pipelines. It covers the attack chain, evidence, mitigations, and timeline, and highlights the need for stricter privilege boundaries and secret handling in automated review bots for open-source projects.