CodeQL 2.26.0 adds Kotlin support, AI prompt injection detection
CodeQL 2.26.0 enhances static analysis by adding support for Kotlin 2.4.0 and introducing new queries for AI prompt injection detection across JavaScript and TypeScript. This release aims to improve security by identifying vulnerabilities in how user-provided data interacts with AI models and system prompts. The update is automatically available for GitHub code scanning users on github.com, with a future inclusion planned for GitHub Enterprise Server releases.
- →Support for Kotlin 2.4.0
- →AI prompt injection detection in JavaScript/TypeScript
- →C# Razor Page handler method analysis
- →Go log/slog package models
- →Reduced false positives in Go, Python, and GitHub Actions queries
Features (2) ›
- Support for Kotlin 2.4.0
CodeQL now supports Kotlin versions up to 2.4.0, expanding its analysis capabilities for this language.
- AI prompt injection detection in JavaScript/TypeScript
New queries detect when untrusted user-provided values flow into an AI model’s system prompt, potentially allowing attackers to manipulate model behavior. This includes support for various SDKs like OpenAI, Anthropic, and Google GenAI, and specific APIs such as Sora prompts and OpenAI Realtime session instructions.
Enhancements (3) ›
- C# Razor Page handler method analysis
Razor Page handler method parameters, like those for OnGet and OnPost, are now recognized as remote flow sources for C# analysis. This enables queries like cs/sql-injection to detect vulnerabilities involving these parameters.
- Go log/slog package models
Models for the log/slog package, introduced in Go 1.21, have been added. Queries like go/log-injection can now detect issues in code using slog package functions and slog.Logger methods.
- Improved Swift CryptoKit modeling
CryptoKit modeling for Swift has been enhanced, potentially allowing swift/weak-sensitive-data-hashing and swift/weak-password-hashing queries to detect additional results.
Fixes (1) ›
- Reduced false positives in Go, Python, and GitHub Actions queries
Several queries have been refined to reduce false positives. This includes the go/unhandled-writable-file-close query, the py/modification-of-locals query, and the actions/pr-on-self-hosted-runner query.
https://github.blog/changelog/2026-07-10-codeql-2-26-0-adds-kotlin-2-4-0-support-and-ai-prompt-injection-detection