ctipilot.ch

claude-code-action [bot]-actor bypass + prompt injection → repo hijack / action poisoning (fixed v1.0.94)

vulnerability-trend · item:claude-code-action-github-issue-supply-chain

Coverage timeline
1
first 2026-06-05 → last 2026-06-05
Briefs
1
1 distinct
Sources cited
0
0 hosts
Sections touched
1
research
Co-occurring entities
0
no co-occurrence

Story timeline

  1. 2026-06-05CTI Daily Brief — 2026-06-05
    researchFirst coverage — GMO Flatt Security/RyotaK; AI-CI/CD untrusted-input class

Where this entity is cited

  • research1

Items in briefs about claude-code-action [bot]-actor bypass + prompt injection → repo hijack / action poisoning (fixed v1.0.94)

No parsed item heading or body matches this entity yet. Items match by exact CVE id (for CVE entities), by lead-segment substring of the title in the item heading or body, or by a distinctive anchor token from the title appearing in the item heading. Coverage that lives inside a broader section (no per-item heading) is captured by the Story timeline above.