Posted by ColinEberhardt 14 hours ago
We deliberately gave GitHub's AI Agent permission to access both public and private repos and then tricked our configured agent into leaking private repos.
It's almost indistinguishable for me as a single user working on a codebase and I get no AI, no multinational corporation looking at my repo, I have complete control and will never be locked out of 'my' account because some company decided to do it to me.
It has nothing to do with GitHub and giving it a name is hilarious.
“Look I shoot myself in the foot and now its bleeding. ITS THE GUN MANUFACTURER FAULT”