The Briefing RoomJuly 7, 2026via SiliconAngle
‘GitLost’ vulnerability let GitHub’s AI workflows leak private repositories
Why it matters
GitLost exposes a critical gap in AI agent security: prompt injection vulnerabilities in production workflows can bypass authentication controls and leak sensitive data at scale. This is the first major security incident in GitHub's agentic features, signaling that AI-native infrastructure needs fundamentally different threat modeling than traditional apps.
Key signals
- Vulnerability: Prompt injection in GitHub Agentic Workflows feature
- Impact: Unauthenticated attacker can access private code repositories
- Attack vector: Single crafted issue posted in public repository
- Discovered by: Noma Security Inc. (AI security company)
- Vulnerability name: GitLost
- Affected product: GitHub Agentic Workflows (AI feature)
- Authentication bypass: No credentials required for exploitation
The hook
A single crafted GitHub issue just exposed private repositories. Here's why AI workflow security is now a board-level risk.
Researchers at artificial intelligence security company Noma Security Inc. today disclosed a critical prompt injection vulnerability in GitHub Inc.’s new Agentic Workflows feature that allowed an unauthenticated attacker to siphon data from private code repositories by posting a single crafted issue in a public one. Named GitLost, the vulnerability was found by Noma Labs, the […]