GitHub Agentic Workflows lack a trust boundary: attackers can inject instructions through public issues and trick the AI agent into leaking private repositories belonging to the same organization.
GitHub Agentic Workflows lack a trust boundary: attackers can inject instructions through public issues and trick the AI agent into leaking private repositories belonging to the same organization.