// ClaudeMEDIUM
Researchers have identified that prompt injection attacks can manipulate Claude Code to access sensitive credentials stored in software development pipelines, particularly GitHub repositories. Attackers can craft malicious prompts to bypass Claude Code's safeguards and exfiltrate authentication tokens and API keys from development environments.
- Claude Code Vulnerability Could Let Attackers Steal Credentials (opens in a new tab)
- Microsoft Warns Claude Code GitHub Action Could Leak CI/CD Workf(opens in a new tab)
- Security Flaw in Claude Code Illustrates the Risk of AI in Devel(opens in a new tab)
// Get alerts for Claude