Attack  ·  Glossary

AI CI/CD pipeline compromise

An attack on the automated build-and-deployment pipeline an organisation uses to ship code, aimed specifically at the AI agents and assistants now embedded in it. By compromising the AI component of a CI/CD pipeline (for example, a GitHub Action that runs an AI coding agent), an attacker can inject malicious code into every release the pipeline produces.
CI/CD pipelines are the factory floor of modern software delivery. An AI coding agent embedded in one runs with the pipeline's own credentials, so an attacker who compromises the agent inherits whatever the pipeline can do: read and write source code, use its secrets, and reach production environments. Because a single pipeline feeds many applications, this is a supply-chain attack that can affect every application the organisation ships. The practical check is whether the agent's job token and secrets are scoped to what the agent actually needs, and whether the agent ever acts on text that an outsider can submit.
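As an added example (not code from this page or from the referenced Microsoft post), the following Python audits a GitHub Actions workflow, already parsed from YAML into a dict, for an AI agent step that has more authority than it needs: a job token with write scope or no scoping at all, agent instructions interpolated from an event that outsiders can trigger, and long-lived secrets handed to the agent step. The two workflows, the action name `example/ai-coding-agent`, and the secret names are constructed for the demonstration; the marker strings used to recognise an agent step are an assumption, not a real Marketplace identifier.

```python
"""Audit a parsed GitHub Actions workflow for an over-privileged AI agent step.

Added example. Workflows, action names and secret names below are constructed.
"""
import re
from dataclasses import dataclass

# Assumption: a step is an "AI agent step" if its `uses:` contains one of these
# markers. Placeholder strings, not real action identifiers.
AGENT_MARKERS = ("ai-coding-agent", "ai-assistant")

# Token scopes that let a job change code, releases, workflows or cloud identity.
WRITE_SCOPES = ("contents", "packages", "id-token", "actions", "deployments", "workflows")

# Events whose payload (PR title/body, comments, issues) is attacker-controlled
# while the job still runs in the base repository's trust context.
UNTRUSTED_TRIGGERS = ("pull_request_target", "issue_comment", "issues", "discussion")

EVENT_REF = re.compile(r"\$\{\{\s*github\.event\.")
SECRET_REF = re.compile(r"\$\{\{\s*secrets\.(\w+)")


@dataclass(frozen=True)
class Finding:
    job: str
    step: str
    rule: str
    detail: str


def is_agent_step(step: dict) -> bool:
    return any(m in step.get("uses", "") for m in AGENT_MARKERS)


def _strings(value):
    """Yield every string nested anywhere inside a with:/env: mapping."""
    if isinstance(value, str):
        yield value
    elif isinstance(value, dict):
        for v in value.values():
            yield from _strings(v)
    elif isinstance(value, list):
        for v in value:
            yield from _strings(v)


def _triggers(workflow: dict) -> set:
    on = workflow.get("on", {})
    return {on} if isinstance(on, str) else set(on)


def audit_workflow(workflow: dict, allowed_secrets=("GITHUB_TOKEN",)) -> list:
    """Return one Finding per rule violated by each agent step in the workflow."""
    findings = []
    triggers = _triggers(workflow)
    for job_name, job in workflow.get("jobs", {}).items():
        # Job-level permissions override workflow-level; absent means repository default.
        perms = job.get("permissions", workflow.get("permissions"))
        for step in job.get("steps", []):
            if not is_agent_step(step):
                continue
            name = step.get("name", step["uses"])
            texts = list(_strings({"with": step.get("with", {}), "env": step.get("env", {})}))

            # Rule 1: how much can the agent's GITHUB_TOKEN do?
            if perms is None:
                findings.append(Finding(job_name, name, "token-default",
                    "no permissions block; token inherits the repository default, which may be read/write"))
            elif perms == "write-all":
                findings.append(Finding(job_name, name, "token-write-all", "permissions: write-all"))
            elif isinstance(perms, dict):
                granted = [s for s in WRITE_SCOPES if perms.get(s) == "write"]
                if granted:
                    findings.append(Finding(job_name, name, "token-write-scope",
                        "agent token can write: " + ", ".join(granted)))

            # Rule 2: does outsider-supplied event text become the agent's instructions?
            if triggers & set(UNTRUSTED_TRIGGERS) and any(EVENT_REF.search(t) for t in texts):
                findings.append(Finding(job_name, name, "prompt-from-untrusted-event",
                    "agent input interpolates github.event.* from an externally triggerable event"))

            # Rule 3: which long-lived secrets can the agent read or exfiltrate?
            leaked = sorted({m.group(1) for t in texts for m in SECRET_REF.finditer(t)} - set(allowed_secrets))
            if leaked:
                findings.append(Finding(job_name, name, "extra-secrets",
                    "agent step receives secrets: " + ", ".join(leaked)))
    return findings


# Constructed weak workflow: write-all token, comment text used as the prompt, publish token exposed.
VULNERABLE = {
    "name": "ai-review",
    "on": {"issue_comment": {"types": ["created"]}, "pull_request_target": {}},
    "permissions": "write-all",
    "jobs": {"assist": {"runs-on": "ubuntu-latest", "steps": [
        {"uses": "actions/checkout@v4", "with": {"ref": "${{ github.event.pull_request.head.sha }}"}},
        {"name": "Run agent", "uses": "example/ai-coding-agent@v1",
         "with": {"prompt": "${{ github.event.comment.body }}",
                  "github_token": "${{ secrets.GITHUB_TOKEN }}",
                  "api_key": "${{ secrets.AGENT_API_KEY }}"},
         "env": {"NPM_TOKEN": "${{ secrets.NPM_PUBLISH_TOKEN }}"}}]}},
}

# Constructed hardened workflow: read-only code, comment-only token, fixed prompt, only the model key.
HARDENED = {
    "name": "ai-review",
    "on": {"pull_request": {}},
    "permissions": {"contents": "read", "pull-requests": "write"},
    "jobs": {"assist": {"runs-on": "ubuntu-latest", "steps": [
        {"uses": "actions/checkout@v4"},
        {"name": "Run agent", "uses": "example/ai-coding-agent@v1",
         "with": {"prompt": "Review the diff in this checkout and post review comments.",
                  "github_token": "${{ secrets.GITHUB_TOKEN }}",
                  "api_key": "${{ secrets.AGENT_API_KEY }}"}}]}},
}

if __name__ == "__main__":
    for label, wf, allowed in (("vulnerable", VULNERABLE, ("GITHUB_TOKEN",)),
                               ("hardened", HARDENED, ("GITHUB_TOKEN", "AGENT_API_KEY"))):
        print(label, [f"{x.rule}: {x.detail}" for x in audit_workflow(wf, allowed)])
```

The hardened workflow is checked with `AGENT_API_KEY` on the allow-list because the model API key is the one secret the agent legitimately needs; everything else (registry tokens, cloud credentials) stays out of the agent's job. To run this against real files, load each workflow with a YAML parser and pass the resulting dict to `audit_workflow`.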
References
Microsoft Security Blog — CI/CD Permission Bypass in Claude Code GitHub Actions