Safety · Hacker News ·

GitLost: We Tricked GitHub's AI Agent into Leaking Private Repos

GitLost: We Tricked GitHub's AI Agent into Leaking Private Repos

Researchers describe a prompt-injection attack called GitLost that tricked GitHub’s AI agent into exposing data from private repositories. The post outlines how the attack worked and discusses implications for agentic AI access to source code and secrets.

Read the full story at Hacker News →