SShortSingh.
Back to feed

GitHub Agentic Workflows Flaw Lets Attackers Steal Private Repo Data via AI Agent

0
·1 views

Security researchers at Noma Security discovered a prompt injection vulnerability, dubbed GitLost, in GitHub's Agentic Workflows feature, which entered public preview in February. The exploit allows an attacker to post a malicious public issue on a target repository, tricking the AI agent into reading private repository contents and posting them in a public comment. No stolen credentials are required — the attacker only needs access to a public surface where the agent reads and writes. The attack is amplified when organizations grant their workflow agent a cross-repository read token, a common configuration for legitimate use cases like shared schemas or release notes. GitHub has issued a fix, but security experts advise teams to carefully review token scopes and agent permissions before deploying Agentic Workflows on sensitive repositories.

Read the full story at DEV Community

This is an AI-generated summary. ShortSingh links to the original source for the complete article.

Discussion (0)

Log in to join the discussion and vote.

Log in

Related stories

0
ProgrammingDEV Community ·

16-Year-Old Developer Releases Free Git and GitHub Masterclass on ZabiTech

A developer named Zabi, 16, from Pakistan, has published a free Git and GitHub masterclass on the ZabiTech Community platform. The guide requires no signup and is available at no cost to readers. It covers core Git and GitHub concepts aimed at helping developers build practical version control skills. Zabi announced the resource via DEV Community, noting it is part of a broader effort to share educational content publicly. He has indicated that a Frontend Roadmap 2026 guide will be released next.

0
ProgrammingDEV Community ·

How a Bootstrap Scene Solves Unity's Game Initialization Race Conditions

Unity's default workflow loads whichever scene is open in the editor when the developer hits Play, offering no built-in guarantee that core systems like GameManager or AudioManager initialize before gameplay logic runs. This can cause race conditions where gameplay scripts attempt to access managers that have not yet finished their Awake() setup, leading to null reference exceptions. While Unity's RuntimeInitializeOnLoadMethod attribute can force code to run before any scene loads, its static and parameter-less restrictions make Inspector-based configuration impossible. The proposed solution is a dedicated Bootstrap scene that always loads first, initializes all core systems, and then immediately loads the intended gameplay scene. This approach combines the serialization flexibility of MonoBehaviours with the execution-order guarantees needed for reliable game initialization.

0
ProgrammingDEV Community ·

Developer reverse-engineers Discord's banner color blend formula and builds free preview tool

A developer discovered that Discord's profile banner does not display the exact hex color chosen by Nitro users, but instead blends it roughly 40% toward black or white based on the color's brightness. This undocumented behavior forced users into a tedious trial-and-error process of uploading and adjusting colors repeatedly. To solve this, the developer sampled multiple theme colors against their rendered banners and worked backward to identify the blend ratio and direction. The result is a free, no-signup browser tool built with React and Vite that lets users paste a hex code and instantly preview the actual banner color. The tool also supports avatar-based color suggestions and downloading a matched solid PNG banner, and is self-hosted with no paywall.

0
ProgrammingDEV Community ·

Developer Builds Language-Independent Meaning Engine Without LLMs or Hard-Coded Rules

A developer has released an experimental semantic engine called the Ternary Semantic Brain Core, which learns word meanings without using large language models, embeddings, or any hard-coded linguistic knowledge. The system uses a ternary representation — values of -1, 0, and +1 — to denote inhibition, unknown, and excitation states, treating uncertainty as a valid first-class answer. It was trained and tested on English and Turkish monolingual dictionaries, producing over 288,000 concept neurons and 102 million synaptic connections while using approximately 1.3 GB of RAM. Without being explicitly told that 'water' equals the Turkish word 'su,' the engine was able to identify cross-language semantic similarity through emergent relationships. The project is available as a binary-only experimental release on GitHub, with full architecture documentation and a research paper included in the repository.

GitHub Agentic Workflows Flaw Lets Attackers Steal Private Repo Data via AI Agent · ShortSingh