A GitHub issue title was used to compromise approximately 4,000 developer machines by injecting a prompt that an AI triage bot interpreted and executed, leading to the installation of a malicious package. The attack, named 'Clinejection', exploited a series of vulnerabilities, including prompt injection, cache poisoning, and credential theft. The incident highlights the risks associated with AI-powered tools and the importance of securing the supply chain. The compromised package was live for eight hours before being detected and removed.