ShellCodeX
Tools • Events • News • Insights
ShellCodeX Intelligence Brief
HIGH Cybersecurity

Ghostcommit hides prompt injections in PNGs to steal repo secrets

Source headline: 'Ghostcommit' hides prompt injection in images to fool AI agents, steal secrets

Threat level High
Signal strength 75/100
Source confidence 1 source
Published 4 days ago

Intelligence Summary

Researchers describe a technique called Ghostcommit that embeds prompt injection instructions inside PNG images. AI-based code review agents can miss the payload because they never open or parse image files. A coding agent that follows the injected instructions can be tricked into reading a repository’s .env file and exfiltrating secrets into code. The attack targets the workflow around AI agents rather than traditional vulnerabilities. Teams using AI tooling for code review and generation should restrict what agents can access and validate inputs, especially binary files.

Recommended Action

Review affected assets, schedule urgent remediation, and monitor related indicators.

Topics

#ai-security #prompt-injection #code-review-evasion #png #secret-exfiltration
Original reporting BleepingComputer 'Ghostcommit' hides prompt injection in images to fool AI agents, steal secrets
Open original source