cd /news/ai-safety/gitlost-2026-how-prompt-injection-in… · home topics ai-safety article
[ARTICLE · art-51763] src=lucasaguiar.xyz ↗ pub= topic=ai-safety verified=true sentiment=↓ negative

GitLost [2026]: How Prompt Injection in GitHub's AI Agent Leaks Private Repos

Noma Labs disclosed GitLost, a prompt injection vulnerability in GitHub's Agentic Workflows feature, on July 6, 2026. The attack allows unauthenticated attackers to exfiltrate data from private repositories by posting a crafted GitHub Issue in a public repository of the same organization. The disclosure has become one of the most significant AI security stories of the month, reaching 445 points on Hacker News.

read1 min views1 publishedJul 8, 2026

On July 6, 2026, Noma Labs disclosed GitLost, a critical prompt injection vulnerability in GitHub’s new Agentic Workflows feature. The attack allows an unauthenticated attacker to silently exfiltrate data from private repositories — simply by posting a crafted GitHub Issue in a public repository belonging to the same organization.

At 445 points on Hacker News and climbing, this is one of the most significant AI security stories of the month. Here is what happened, how it works, and what it means for anyone running AI agents on their code.

── more in #ai-safety 4 stories · sorted by recency
── more on @noma labs 3 stories trending now
sponsored brought to you by zahid.host 4,200+ EU-deployed projects
reading about agents? ship yours in a single git push.

Run your AI side-project on zahid.host

EU-based hosting, git-push deploys, automatic HTTPS, no cold starts. Free tier with a custom domain — perfect for shipping the agent you just read about.

$git push zahid main
Live at https://your-agent.zahid.host
Get free account → Pricing
from €0/mo · no card required
LIVE [news/gitlost-2026-how-pro…] indexed:0 read:1min 2026-07-08 ·