Microsoft Warns Claude Code Vulnerability Could Expose GitHub Credentials

What happened?

Researchers say prompt injection attacks could be used to manipulate AI coding agents into accessing sensitive credentials stored in software development pipelines. Microsoft says this could put GitHub-related secrets at risk if the agent is directed to handle them improperly.

Why it matters

According to the researchers, an attacker could use crafted prompts to persuade the agent to access sensitive credentials stored in development pipelines. Those credentials may be exposed if the AI system is allowed to interact with tools or files containing privileged information.

Microsoft has warned that a vulnerability affecting Anthropic’s Claude Code could allow attackers to steal credentials from software development environments, including secrets tied to GitHub workflows. The issue centers on prompt injection, a technique that can manipulate AI coding agents into following malicious instructions.

The warning highlights a broader security risk for teams using AI coding assistants in software development. While these tools can help automate tasks, they can also become a pathway to sensitive data if they are not properly restricted and monitored.

The report underscores the need for careful controls around agent permissions, access to secrets, and pipeline security when using AI coding tools. Microsoft’s findings focus on the potential for prompt injection to turn an assistance feature into a credential exposure risk.

Source: Decrypt