Gallery

Contacts

405 W. Greenlawn Ave Lansing, Michigan 48910

contact@techjacksolutions.com

+1-616-320-4064

Researchers published a proof-of-concept attack, dubbed ‘Ghostcommit,’ demonstrating that prompt injection instructions hidden inside PNG image files can direct AI code review agents, specifically CodeRabbit and Bugbot, to locate and exfiltrate secrets from .env files, returning stolen credentials as obfuscated numeric data to evade detection. The technique exploits a structural blind spot: AI coding agents trust submitted pull request artifacts and apply no input sanitization to non-code file types, meaning the attack surface is the review pipeline itself. Combined with prior disclosures of RCE and write-access exploitation paths against CodeRabbit, this signals a maturing pattern of security research against AI-assisted development tooling, a category now deeply embedded in enterprise CI/CD workflows with privileged repository access.

Author

Tech Jacks Solutions