Skip to content
Navigation Menu
Toggle navigation
Sign in
Appearance settings
Platform
AI CODE CREATION
GitHub Copilot
Write better code with AI
GitHub Copilot app
Direct agents from issue to merge
MCP Registry
New
Integrate external tools
DEVELOPER WORKFLOWS
Actions
Automate any workflow
Codespaces
Instant dev environments
Issues
Plan and track work
Code Review
Manage code changes
APPLICATION SECURITY
GitHub Advanced Security
Find and fix vulnerabilities
Code security
Secure your code as you build
Secret protection
Stop leaks before they start
EXPLORE
Why GitHub
Documentation
Blog
Changelog
Marketplace
View all features
Solutions
BY COMPANY SIZE
Enterprises
Small and medium teams
Startups
Nonprofits
BY USE CASE
App Modernization
DevSecOps
DevOps
CI/CD
View all use cases
BY INDUSTRY
Healthcare
Financial services
Manufacturing
Government
View all industries
View all solutions
Resources
EXPLORE BY TOPIC
AI
Software Development
DevOps
Security
View all topics
EXPLORE BY TYPE
Customer stories
Events & webinars
Ebooks & reports
Business insights
GitHub Skills
SUPPORT & SERVICES
Documentation
Customer support
Community forum
Trust center
Partners
View all resources
Open Source
COMMUNITY
GitHub Sponsors
Fund open source developers
PROGRAMS
Security Lab
Maintainer Community
Accelerator
GitHub Stars
Archive Program
REPOSITORIES
Topics
Trending
Collections
Enterprise
ENTERPRISE SOLUTIONS
Enterprise platform
AI-powered developer platform
AVAILABLE ADD-ONS
GitHub Advanced Security
Enterprise-grade security features
Copilot for Business
Enterprise-grade AI features
Premium Support
Enterprise-grade 24/7 support
Pricing
Search or jump to...
Search code, repositories, users, issues, pull requests...
Search syntax tips
Provide feedback
Saved searches
Use saved searches to filter your results more quickly
Sign in
Sign up
Appearance settings
Resetting focus
You signed in with another tab or window.
Reload
to refresh your session.
You signed out in another tab or window.
Reload
to refresh your session.
You switched accounts on another tab or window.
Reload
to refresh your session.
Dismiss alert
{{ message }}
Uh oh!
There was an error while loading.
Please reload this page
.
github
/
codeql
Public
Notifications
You must be signed in to change notification settings
Fork
2k
Star
9.8k
Code
Issues
985
Pull requests
416
Discussions
Actions
Projects
Models
Security and quality
0
Insights
Additional navigation options
Code
Issues
Pull requests
Discussions
Actions
Projects
Models
Security and quality
Insights
Commits
Breadcrumbs
History for
codeql
javascript
ql
src
on
main
User selector
All users
All time
Commit history
Commits on Jun 25, 2026
Post-release preparation for codeql-cli-2.26.0
github-actions[bot]
committed
456e337
Copy full SHA for 456e337
Release preparation for version 2.26.0
github-actions[bot]
committed
237c563
Copy full SHA for 237c563
Commits on Jun 17, 2026
Fix prompt injection severity
BazookaMusic
committed
b9025a5
Copy full SHA for b9025a5
Commits on Jun 16, 2026
Grammar
Show description for 8f965a9
BazookaMusic
and
Copilot
authored
8f965a9
Copy full SHA for 8f965a9
Fix system prompt injection description and title
Show description for d72372c
BazookaMusic
and
Copilot
authored
d72372c
Copy full SHA for d72372c
Commits on Jun 11, 2026
Merge branch 'main' into bazookamusic/cwe-1427
BazookaMusic
authored
17dbf03
Copy full SHA for 17dbf03
Refine SystemPromptInjection alert message and move test to stable
Show description for 7bd5abf
BazookaMusic
committed
7bd5abf
Copy full SHA for 7bd5abf
Promote user prompt injection query to stable security
Show description for e612db2
BazookaMusic
committed
e612db2
Copy full SHA for e612db2
Commits on Jun 8, 2026
Remove redundant file
BazookaMusic
committed
b6c951e
Copy full SHA for b6c951e
1. Rename AgentSDK -> AgentSdk
Show description for 2cb0851
BazookaMusic
committed
2cb0851
Copy full SHA for 2cb0851
Formatting
BazookaMusic
committed
61be37d
Copy full SHA for 61be37d
Better document the new queries
BazookaMusic
committed
da05992
Copy full SHA for da05992
Commits on Jun 6, 2026
Add experimental JS query for SSRF guards missing IPv6-transition unwrap
Show description for e93bc11
tonghuaroot
committed
e93bc11
Copy full SHA for e93bc11
Commits on Jun 4, 2026
add openrouter support
BazookaMusic
committed
078d15e
Copy full SHA for 078d15e
Commits on May 29, 2026
Post-release preparation for codeql-cli-2.25.6
github-actions[bot]
committed
cfb18c2
Copy full SHA for cfb18c2
Release preparation for version 2.25.6
github-actions[bot]
committed
8b6f969
Copy full SHA for 8b6f969
Revert "Release preparation for version 2.25.6"
henrymercer
authored
9bc0c1b
Copy full SHA for 9bc0c1b
Commits on May 25, 2026
Release preparation for version 2.25.6
github-actions[bot]
committed
44a914e
Copy full SHA for 44a914e
Commits on May 20, 2026
move system prompt injection to non-experimental
BazookaMusic
committed
6c5c8e1
Copy full SHA for 6c5c8e1
Commits on May 18, 2026
Post-release preparation for codeql-cli-2.25.5
github-actions[bot]
committed
9f64000
Copy full SHA for 9f64000
Release preparation for version 2.25.5
github-actions[bot]
committed
e38616a
Copy full SHA for e38616a
Commits on May 15, 2026
add tests for langchain and remove wrong model for guardrails agent
BazookaMusic
committed
5ef09a1
Copy full SHA for 5ef09a1
Add run from agents into the user prompt and fix an issue with classifying it as a system prompt injection
BazookaMusic
committed
fe7eabd
Copy full SHA for fe7eabd
add barrier when data flows into user messages for system prompt detection, remove embeddings from user prompt injection query
BazookaMusic
committed
535adc7
Copy full SHA for 535adc7
Commits on May 13, 2026
remove guardrails sanitizer for now
BazookaMusic
committed
9c13626
Copy full SHA for 9c13626
Move structurally typed prompt injection sinks to Models as Data
Show description for 34da804
BazookaMusic
committed
34da804
Copy full SHA for 34da804
Commits on May 12, 2026
Documentation
BazookaMusic
committed
98379cf
Copy full SHA for 98379cf
default threat model
BazookaMusic
committed
9006ddb
Copy full SHA for 9006ddb
Commits on May 5, 2026
Post-release preparation for codeql-cli-2.25.4
github-actions[bot]
committed
7610277
Copy full SHA for 7610277
Release preparation for version 2.25.4
github-actions[bot]
committed
88e1d86
Copy full SHA for 88e1d86
Commits on May 4, 2026
changes for spliting into system and user
BazookaMusic
committed
74a3ba1
Copy full SHA for 74a3ba1
Commits on Apr 30, 2026
JS: Add prompt injection detection (CWE-1427) for OpenAI, Anthropic, and Google GenAI SDKs
Show description for 0b7133c
BazookaMusic
committed
0b7133c
Copy full SHA for 0b7133c
Commits on Apr 20, 2026
Post-release preparation for codeql-cli-2.25.3
github-actions[bot]
committed
a0bab53
Copy full SHA for a0bab53
Release preparation for version 2.25.3
github-actions[bot]
committed
c861d99
Copy full SHA for c861d99
Commits on Apr 14, 2026
Merge branch 'main' into post-release-prep/codeql-cli-2.25.2
henrymercer
authored
43c9b95
Copy full SHA for 43c9b95
Previous
Next
You can’t perform that action at this time.