{"slug": "gitlost-2026-how-prompt-injection-in-github-s-ai-agent-leaks-private-repos", "title": "GitLost [2026]: How Prompt Injection in GitHub's AI Agent Leaks Private Repos", "summary": "Noma Labs disclosed GitLost, a prompt injection vulnerability in GitHub's Agentic Workflows feature, on July 6, 2026. The attack allows unauthenticated attackers to exfiltrate data from private repositories by posting a crafted GitHub Issue in a public repository of the same organization. The disclosure has become one of the most significant AI security stories of the month, reaching 445 points on Hacker News.", "body_md": "On July 6, 2026, Noma Labs disclosed **GitLost**, a critical prompt injection vulnerability in GitHub’s new **Agentic Workflows** feature. The attack allows an unauthenticated attacker to silently exfiltrate data from private repositories — simply by posting a crafted GitHub Issue in a public repository belonging to the same organization.\n\nAt 445 points on Hacker News and climbing, this is one of the most significant AI security stories of the month. Here is what happened, how it works, and what it means for anyone running AI agents on their code.", "url": "https://wpnews.pro/news/gitlost-2026-how-prompt-injection-in-github-s-ai-agent-leaks-private-repos", "canonical_source": "https://www.lucasaguiar.xyz/posts/gitlost-github-agentic-workflows-prompt-injection-2026/", "published_at": "2026-07-08 18:11:36+00:00", "updated_at": "2026-07-08 21:48:48.925455+00:00", "lang": "en", "topics": ["ai-safety", "ai-agents", "ai-ethics", "ai-policy"], "entities": ["Noma Labs", "GitHub", "Agentic Workflows", "GitLost"], "alternates": {"html": "https://wpnews.pro/news/gitlost-2026-how-prompt-injection-in-github-s-ai-agent-leaks-private-repos", "markdown": "https://wpnews.pro/news/gitlost-2026-how-prompt-injection-in-github-s-ai-agent-leaks-private-repos.md", "text": "https://wpnews.pro/news/gitlost-2026-how-prompt-injection-in-github-s-ai-agent-leaks-private-repos.txt", "jsonld": "https://wpnews.pro/news/gitlost-2026-how-prompt-injection-in-github-s-ai-agent-leaks-private-repos.jsonld"}}