Claude-Code

supply-chain 2026-06-07
Claude Code's GitHub Action: One Malicious Issue Could Hijack Any Public Repo
A permission bypass chained with prompt injection in Anthropic's Claude Code GitHub Action let a single crafted issue make the agent leak CI secrets and OIDC request tokens — a clean path to poisoning the action's own supply chain. Patched in v1.0.94.
supply-chain github-actions ci-cd prompt-injection ai-security claude-code oidc

Claude Code's GitHub Action: One Malicious Issue Could Hijack Any Public Repo