| ▲ | TheDong 8 hours ago | |
Github actions has had a bunch of high-profile prompt injection attacks at this point, most recently the cline one: https://adnanthekhan.com/posts/clinejection/ I guess you could argue that github wasn't vulnerable in this case, but rather the author of the action, but it seems like it at least rhymes with what you're looking for. | ||
| ▲ | simonw 7 hours ago | parent [-] | |
Yeah that was a good one. The exploit was still a proof of concept though, albeit one that made it into the wild. | ||