A week-long automated attack campaign targeted CI/CD pipelines across major open source repositories, achieving remote code execution in multiple targets. The attacker, an autonomous bot called hackerbot-claw, used five different exploitation techniques and successfully exfiltrated a GitHub token with write permissions from one of the most popular repositories on GitHub. The campaign targeted repositories belonging to Microsoft, DataDog, CNCF, and other popular open source projects. The attacks included token theft via poisoned Go scripts, direct script injection, branch name injection, filename injection, and AI prompt injection. The most severe attack resulted in a full repository compromise of Aqua Security's Trivy project. The campaign highlights the growing threat of AI-powered bots targeting software supply chains and the need for automated security controls in CI/CD pipelines.