GitLost: How We Tricked GitHub’s AI Agent into Leaking Private Repos
Summary
Noma Labs reveals a prompt-injection vulnerability called GitLost in GitHub's Agentic Workflows, enabling an attacker to exfiltrate private repo data via a crafted public issue. The post outlines the attack flow, impact, and mitigations for builders and security officers.