AnalysisCybersecurityJuly 7, 2026
Public GitHub Issues Can Leak Private Repo Data via Agentic Workflows

Noma Security researchers show that a public issue on a GitHub repo can trick Agentic Workflows into leaking private repository data. No credentials or special access are needed—only a crafted issue.
4 sources
Public GitHub Issue Could Trick GitHub Agentic Workflows Into Leaking Private Repo Datathehackernews.com
Automates Windows kernel driver vulnerability research with AI agentsx.com
Critical Vulnerability Exposes GitHub Agentic Workflows to Prompt Injectionsecurityweek.com
GitLost: We Tricked GitHub's AI Agent into Leaking Private Reposnoma.security