A sophisticated attack chain dubbed ‚Clinejection‘ has been demonstrated, showing how a prompt injection in a GitHub issue title can compromise production releases in AI-powered systems. The vulnerability was successfully exploited against the Cline GitHub repository, highlighting critical security concerns for AI-integrated development workflows.
Source: Simon Willison