GitHub’s AI search tool is leaking private code repositories, according to security researchers and reporting from The Register. The flaw, called GitLost, allows anyone to request and receive code from private repositories that should be hidden from public view.
GitHub, the world’s largest platform for sharing and storing code, has not released a fix for the problem. The company also has not published official documentation warning users that their private repositories may be exposed through its AI tool. Developers and companies using GitHub believed their private code was protected, especially those paying monthly fees for the ability to keep code closed off from competitors.
The AI tool does not properly verify whether a person requesting code has permission to see it. When someone makes a request in the right way, the tool returns private repositories even though it should not. Private repositories often contain sensitive information such as passwords, unreleased features, business logic, and proprietary algorithms that companies depend on to maintain competitive advantage.
The problem exists because GitHub’s AI was trained on code from across the internet, including both public and private repositories. When the tool searches for code in response to a user query, it sometimes returns results from private repositories it should not have access to. GitHub has not fully explained the exact mechanism that causes this leak to occur.
This is part of a larger pattern. GitHub’s AI tools have previously exposed sensitive information and generated code with known security flaws. Each time, the company has been slow to acknowledge problems publicly or provide working fixes. The GitLost leak suggests that GitHub’s approach to testing AI tools before releasing them may not be catching critical security issues.
For developers and companies relying on GitHub, the leak creates uncertainty about what information the platform’s AI can actually access. Many users are now questioning whether other AI-powered features on GitHub have similar problems, and whether their trust in the platform’s privacy protections was misplaced.
GitHub has not announced a timeline for fixing the flaw or for conducting a security audit of its other AI tools. The company did not respond to requests for comment from The Register before the story was published. Users who depend on private repositories for sensitive code now face a choice between continuing to use GitHub with the knowledge that their code may be exposed, or migrating to alternative platforms.


