# GitLost [2026]: How Prompt Injection in GitHub's AI Agent Leaks Private Repos

> Source: <https://www.lucasaguiar.xyz/posts/gitlost-github-agentic-workflows-prompt-injection-2026/>
> Published: 2026-07-08 18:11:36+00:00

On July 6, 2026, Noma Labs disclosed **GitLost**, a critical prompt injection vulnerability in GitHub’s new **Agentic Workflows** feature. The attack allows an unauthenticated attacker to silently exfiltrate data from private repositories — simply by posting a crafted GitHub Issue in a public repository belonging to the same organization.

At 445 points on Hacker News and climbing, this is one of the most significant AI security stories of the month. Here is what happened, how it works, and what it means for anyone running AI agents on their code.
