A GitHub Issue Title Compromised 4,000 Developer Machines (grith.ai)

The grith.ai blog reports on an LLM prompt-injection vulnerability that led to 4,000 installations of a compromised version of the Cline utility. > For the next eight hours, every developer who installed or updated Cline got OpenClaw - a separate AI agent with full system access - installed globally on their machine without consent. Approximately 4,000 downloads occurred before the package was pulled. > > The interesting part is not the payload. It is how the attacker got the npm token in the first place: by injecting a prompt into a GitHub issue title, which an AI triage bot read, interpreted as an instruction, and executed.