GitHub shipped CodeQL 2.26.0 on July 10, marking another step forward for its static analysis platform. CodeQL powers GitHub code scanning, helping developers detect vulnerabilities such as SQL injection and cross-site scripting before software reaches production.
Alongside Kotlin 2.4.0 support and accuracy improvements across multiple languages, the release introduces AI prompt injection detection, reflecting GitHub’s growing focus on securing AI-powered applications.
AI Prompt Injection Detection Expands CodeQL’s Security Coverage
The headline feature in CodeQL 2.26.0 is the new js/system-prompt-injection query for JavaScript and TypeScript.
It detects cases where untrusted user input flows directly into an AI model’s system prompt, creating an opportunity for attackers to manipulate the model’s behavior.
To improve real-world coverage, GitHub added new detection points across OpenAI’s SDK, including Sora prompt fields and Realtime session instructions, Anthropic’s legacy completion prompts, and Google’s GenAI SDK for cached content and system instructions.
The release also builds on the experimental Python prompt injection query introduced in February, indicating that GitHub now treats AI-specific vulnerabilities as a permanent security category.
In addition, CodeQL introduces an experimental SSRF query that detects IPv6 transition address techniques capable of bypassing protections designed only for private IPv4 ranges.
Kotlin 2.4 Support and Broader Language Improvements
CodeQL 2.26.0 also adds full support for Kotlin 2.4.0, continuing GitHub’s rapid support for new Kotlin releases. Beyond Kotlin, the update improves security analysis across several programming languages.
For C#, CodeQL now recognizes Razor Page handler parameters as remote data sources, enabling SQL injection queries to identify vulnerabilities that previously went undetected.
Go gains support for the log/slog package introduced in Go 1.21, extending detection for log injection and clear-text logging issues.
GitHub also reduced false positives in Go, Python, and GitHub Actions queries while expanding Swift CryptoKit modeling to uncover additional security findings.
The update is already available for GitHub code scanning on GitHub.com. GitHub Enterprise Server users will receive it in a future release or through a manual upgrade.
By extending prompt injection detection beyond Python to JavaScript and TypeScript, GitHub continues to strengthen CodeQL’s ability to identify emerging AI security risks.
Source: Official GitHub Changelog, "CodeQL 2.26.0 Adds Kotlin 2.4.0 Support and AI Prompt Injection Detection"




