Step 1: Prompt injection via issue title. Cline had deployed an AI-powered issue triage workflow using Anthropic's claude-code-action. The workflow was configured with allowed_non_write_users: "*", meaning any GitHub user could trigger it by opening an issue. The issue title was interpolated directly into Claude's prompt via ${{ github.event.issue.title }} without sanitisation.
Медведев, Хачанов и Рублев — лучшие российские теннисисты. Они занимают 11-е, 16-е и 17-е места в рейтинге ATP.。体育直播对此有专业解读
。业内人士推荐PDF资料作为进阶阅读
(show #t "\ndifference:\n")。业内人士推荐PDF资料作为进阶阅读
Раскрыты подробности похищения ребенка в Смоленске09:27