The GitHub Blog provides updates, announcements, and insights from the world's leading software development platform, covering topics such as new features, community highlights, and industry trends. Developers can learn about GitHub's latest developments, best practices for collaboration, and tips for maximizing productivity on the platform.

GitHub Blog

Season 4 of the GitHub Secure Code Game introduces agentic AI security through five progressive challenges built around ProdBot, a deliberately vulnerable AI assistant. Players use natural language to exploit real-world vulnerabilities including sandbox escapes, prompt injection via web content, MCP server abuse, memory poisoning, and multi-agent trust failures. The game runs free in GitHub Codespaces, requires no prior AI or coding experience, and reflects current threats catalogued in the OWASP Top 10 for Agentic Applications 2026. Over 10,000 developers have used previous seasons to build security skills.

Hack the AI agent: Build agentic AI security skills with the GitHub Secure Code Game

The Secure Code Game: Learn secure coding and have fun doing it

Why agentic AI security matters right now

Meet ProdBot: your deliberately vulnerable AI assistant

Five levels, five upgrades, five vulnerabilities