Turborepo Remote Cache: How Poisoning Hits a Monorepo Team

Turborepo's shared remote cache is a productivity win — and a supply-chain attack surface. Any team member with write access can plant compromised outputs that get served to everyone.

June 4, 2026 | VibeWShield Team | 1 min read

Turborepo's remote cache stores build artifacts keyed by a hash of each task's inputs (source files, declared environment variables, dependency versions and the task's configuration). On your next build, if that hash already has an entry in the cache, turbo downloads the stored output instead of running the task. Nothing ties the stored bytes to what those inputs would actually produce; the key is computed from inputs, the value is whatever was uploaded.

This is great until someone's laptop is compromised.

The attack

  1. The attacker obtains a developer's TURBO_TOKEN (from a compromised laptop, a leaked .env, or a bundle that shipped it by mistake).
  2. They modify the build output locally, adding a tiny exfiltration stub to packages/ui/dist/index.js.
  3. They upload the tampered output to the remote cache under the hash of the unchanged inputs. The server only checks the bearer token, so it accepts any bytes for any hash.
  4. Every teammate (and CI runner) whose inputs hash to the same value pulls the poisoned artifact on their next build instead of rebuilding.

Mitigation

Turborepo can sign cache artifacts (signature: true under remoteCache in turbo.json, with the key supplied in the TURBO_REMOTE_CACHE_SIGNATURE_KEY environment variable on every machine that reads or writes the cache). If you're not using it, start today:

{
  "remoteCache": {
    "signature": true
  }
}

With this on, turbo computes an HMAC tag over each artifact using the shared key and uploads the tag alongside it; on download it recomputes the tag and refuses to use an artifact whose tag is missing or does not match. An attacker holding only TURBO_TOKEN can still write to the cache, but what they write will not verify on anyone's machine.

Two caveats. First, the scheme is symmetric: every reader needs the key, so anyone who can verify can also sign. If the compromised laptop held both TURBO_TOKEN and TURBO_REMOTE_CACHE_SIGNATURE_KEY, signing buys you nothing against that attacker. Second, the signature only proves the artifact was produced by someone with the key, not that the build itself was clean. Where your cache server can issue read-only tokens, give developers those and make CI the sole writer; then the signing key only has to live in CI and on readers, and a stolen developer token cannot write at all.

Rotation playbook

Rotate TURBO_TOKEN after any suspected compromise, and rotate on a schedule regardless: any token generated more than 90 days ago should go. A token created without an expiry never expires on its own, and old ones accumulate in .env files on laptops that are no longer around. If you enabled signing, TURBO_REMOTE_CACHE_SIGNATURE_KEY is a shared secret with the same problem and belongs in the same rotation.

VibeWShield doesn't scan private Turborepo caches (they aren't publicly exposed), but our Secrets scanner does flag TURBO_TOKEN in any bundle that shipped it by mistake.
