Skip to content

[plan] Fix template-injection vulnerabilities in 16 workflows (High severity) #25862

Closed
#25888
Closed
[plan] Fix template-injection vulnerabilities in 16 workflows (High severity)#25862
#25888
Assignees
pelikhancopilot-swe-agent
Labels
ai-generatedcookieIssue Monster Loves Cookies!plan
@github-actions

Description

@github-actions
github-actions
bot
opened on Apr 11, 2026

Objective

Fix High-severity template-injection findings reported by zizmor in 16 workflows. This is the highest priority security fix from issue #25835.

Context

GitHub Actions expressions like ${{ github.event.issue.title }} used directly inside run: script blocks can be exploited if the expanded value contains attacker-controlled data. An attacker could inject shell commands by crafting malicious issue/PR content.

Reference: Static Analysis Report - 2026-04-11

Approach

For each affected workflow .md file, find steps that use ${{ ... }} expressions directly inside run: blocks and move them to the step's env: block instead.

Before (vulnerable):

- name: Process issue
  run: |
    echo "Processing: ${{ github.event.issue.title }}"
    gh issue comment ${{ github.event.issue.number }} --body "Done"

After (safe):

- name: Process issue
  env:
    ISSUE_TITLE: ${{ github.event.issue.title }}
    ISSUE_NUMBER: ${{ github.event.issue.number }}
  run: |
    echo "Processing: $ISSUE_TITLE"
    gh issue comment "$ISSUE_NUMBER" --body "Done"

Affected Workflow Files (.md sources)

These lock file lines indicate the vulnerable location in the compiled output — fix the source .md files:

  • .github/workflows/copilot-pr-nlp-analysis.md (lock line 489)
  • .github/workflows/copilot-session-insights.md (lock line 494)
  • .github/workflows/copilot-token-audit.md (lock line 507)
  • .github/workflows/daily-code-metrics.md (lock line 483)
  • .github/workflows/daily-integrity-analysis.md (lock line 531)
  • .github/workflows/daily-issues-report.md (lock line 504)
  • .github/workflows/daily-multi-device-docs-tester.md (lock line 422)
  • .github/workflows/daily-news.md (lock line 559)
  • .github/workflows/daily-repo-chronicle.md (lock line 452)
  • .github/workflows/github-mcp-structural-analysis.md (lock line 449)
  • .github/workflows/org-health-report.md (lock line 446)
  • .github/workflows/portfolio-analyst.md (lock line 520)
  • .github/workflows/python-data-charts.md (lock line 499)
  • .github/workflows/stale-repo-identifier.md (lock line 509)
  • .github/workflows/weekly-editors-health-check.md (lock line 388)
  • .github/workflows/weekly-issue-summary.md (lock line 428)

Steps

  1. For each .md file listed above, open it and locate run: steps containing ${{ ... }} expressions
  2. Move each expression to an env: block in the same step
  3. Replace the inline expression with $ENV_VAR_NAME in the run: block
  4. After editing all .md files, run make recompile to regenerate .lock.yml files
  5. Run make agent-finish to validate

Acceptance Criteria

Generated by Plan Command for issue #25835 · ● 199.3K ·

  • expires on Apr 13, 2026, 11:54 PM UTC

Metadata

Metadata

Assignees

Labels

ai-generatedcookieIssue Monster Loves Cookies!plan

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions