Step 1: Prompt injection via issue title. Cline had deployed an AI-powered issue triage workflow using Anthropic's claude-code-action. The workflow was configured with allowed_non_write_users: "*", meaning any GitHub user could trigger it by opening an issue. The issue title was interpolated directly into Claude's prompt via ${{ github.event.issue.title }} without sanitisation.
The solution to today's Connections #996 is...。PDF资料是该领域的重要参考
For multiple readers,更多细节参见PDF资料
Никита Хромин (ночной линейный редактор)