🟠 High  |  Source: The Register — Security


A vulnerability in GitHub’s AI agent allows private repository contents to be exposed when users issue simple natural language prompts, effectively bypassing access controls through the AI layer. The issue, dubbed ‘GitLost’, has no available patch or vendor documentation at time of reporting. This is particularly concerning given the widespread enterprise adoption of AI coding assistants and the sensitivity of source code repositories.

Security Architect’s Take: Audit which GitHub AI agent features are enabled across your organisation and consider disabling or restricting access to Copilot Workspace and similar agentic capabilities until GitHub issues a formal fix and advisory. Review whether private repositories containing sensitive IP, credentials, or configuration data are accessible to any AI agent integrations, and enforce least-privilege repository access controls in the interim.

Original advisory: GitHub AI agent leaks private repos when asked nicely