Dispatch
Clinejection: Prompt Injection Compromises Cline's Production npm Releases
Security researcher Adnan Khan demonstrated a full supply-chain attack against the Cline VS Code extension. A prompt injection in a GitHub issue title poisoned Cline's AI-powered triage bot (running claude-code-action@v1 with Bash/Read/Write tools), which then poisoned the CI cache loaded by the nightly release workflow, stealing npm publishing secrets. [redacted] was published by an anonymous attacker before being retracted. The attacker only added OpenClaw installation but could have done far
↳ Follow the thread