Clinejection — Compromising Cline’s Production Releases just by Prompting an Issue Triager
Summary
Adnan Khan's post details a prompt-injection attack against Cline's AI-powered issue triage using Claude Code. It shows how an issue title can trigger code execution and how cache poisoning could leak NPM secrets across workflows, underscoring risk in AI-assisted automation and CI/CD pipelines.