Skip to content

fix(ci): resolve critical security issues in GitHub Actions workflows#7277

Merged
h0lybyte merged 2 commits intodevfrom
atom-02251259-ci-critical-fixes
Feb 25, 2026
Merged

fix(ci): resolve critical security issues in GitHub Actions workflows#7277
h0lybyte merged 2 commits intodevfrom
atom-02251259-ci-critical-fixes

Conversation

@h0lybyte
Copy link
Member

@h0lybyte h0lybyte commented Feb 25, 2026

Summary

  • Disable atlas process workflowi-atlas-process.yml passed attacker-controlled issue bodies through an LLM, then injected unvalidated LLM output directly into shell commands via ${{ }} interpolation. Changed trigger from issues:opened to workflow_dispatch to disable it. Atlas processing should move to a dedicated external application.
  • Fix command injection in shell actionskbve-shell/action.yml, utils-astro-deployment.yml, and utils-nx-kbve-shell.yml all interpolated ${{ inputs.* }} directly into run: blocks, allowing shell metacharacter injection. Moved inputs into env: variables so the shell treats them as data, not code.
  • Enable Trivy CVE blockingutils-publish-docker-image.yml had exit-code: 0 on the Trivy scan, meaning CRITICAL/HIGH vulnerabilities were logged but never blocked publishing. Changed to exit-code: 1.
  • Harden i-label.yml — Added top-level permissions: {issues: write, contents: read} (was inheriting default write-all) and timeout-minutes: 5 to all 16 jobs. Fixed misleading [Help] comment on assign_staging.

Test plan

  • Label automation still works (apply a label to an issue, verify project migration runs)
  • Astro deployments still build (trigger via ci-main)
  • Docker publish pipeline blocks on CRITICAL CVEs instead of silently passing
  • Atlas workflow no longer triggers on new issues

@h0lybyte
fix(ci): resolve critical security issues in GitHub Actions workflows
309b86b 
- Disable i-atlas-process.yml (LLM output → shell injection via issue body)
- Use env vars instead of ${{ }} interpolation in kbve-shell action,
  utils-astro-deployment.yml, and utils-nx-kbve-shell.yml to prevent
  command injection through workflow inputs
- Set Trivy exit-code to 1 so CRITICAL/HIGH CVEs block Docker publishing
- Add permissions (issues:write, contents:read) and timeout-minutes to
  all 16 jobs in i-label.yml
@github-actions
Copy link
Contributor

github-actions bot commented Feb 25, 2026
edited
Loading

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Scanned Files

  • .github/workflows/i-atlas-process.yml

@h0lybyte @claude
fix(ci): remove deprecated atlas LLM workflow
66808a0 
Atlas processing has been moved to an external application.
The i-atlas-process.yml workflow is no longer needed and
contained unsanitized LLM output injection risks.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@h0lybyte h0lybyte merged commit e032ad2 into dev Feb 25, 2026
14 checks passed
@h0lybyte h0lybyte deleted the atom-02251259-ci-critical-fixes branch February 25, 2026 18:59
This was referenced Feb 25, 2026
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@h0lybyte