ai-digest.dev
Safety · arXiv cs.AI · 4 d ago

GitInject: Real-World Prompt Injection Attacks in AI-Powered CI/CD Pipelines

GitInject is an open-source framework for evaluating prompt injection vulnerabilities in AI-powered CI/CD pipelines, specifically GitHub workflows. It enables testing of real workflow runs in ephemeral repositories, revealing that all tested AI providers are vulnerable to at least one attack class, particularly because of structural issues in credential and configuration file handling. For practitioners, the tool provides insight into security weaknesses in CI/CD integrations and offers minimum-cost countermeasures to mitigate the identified risks.

prompt injection · CI/CD · GitHub