A PNG hiding a prompt injection could steal your repo's secrets, researchers demonstrate. The technique, dubbed 'Ghostcommit, ...
In my case this was triggered by functions.view_image reading a local image under the workspace, not only by apply_patch. The target image file itself was valid and readable by PIL. Normal shell ...
Customer stories Events & webinars Ebooks & reports Business insights GitHub Skills ...