logoalt Hacker News

Go7hictoday at 10:59 AM0 repliesview on HN

GitHub Agentic Workflows lack a trust boundary: attackers can inject instructions through public issues and trick the AI agent into leaking private repositories belonging to the same organization.