Agents
Claude Code GitHub Action leaked CI/CD secrets via /proc/self/environ until v2.1.128
Microsoft's security team disclosed (blog June 5, 2026) that the Claude Code GitHub Action before v2.1.128 let a single malicious issue or comment exfiltrate CI/CD secrets by reading unsanitized environment variables from /proc/self/environ. Anthropic patched it in v2.1.128, and the disclosure drove a fresh June coverage wave warning that any repo running the action on untrusted input was exposed. Builders running agentic CI should pin >=2.1.128 and treat anything an agent can read in the environment as compromised by default.
↳ Follow the thread