🛡 GitLost Vulnerability Steals Private Code via GitHub AI Agents

Researchers from Noma Labs have discovered a critical vulnerability named GitLost in GitHub's agentic workflows. Through a simple prompt injection in a public repository, attackers can trick an AI agent (such as Claude or GitHub Copilot) into extracting the contents of an organization's private repositories and publishing them in a public comment.

🌍 The problem highlights the complexity of securing autonomous AI agents. Traditional methods fail because the agent possesses legitimate access to internal resources, which it then uses maliciously under the influence of external commands.

👤 If your company uses GitHub Copilot or agentic features, any public repository could become an entry point for stealing your code and secrets via AI.

Source 1: https://www.theregister.com/security/2026/07/07/github-ai-agent-leaks-private-repos-when-asked-nicely/5267924