🔒 Zizmor Security Analysis Report - 2025-11-01

[github-actions[bot]]

🔒 Zizmor Security Analysis Report - 2025-11-01

This report presents the results of a comprehensive security scan of all agentic workflows using the zizmor security scanner. The scan identified 57 security findings across 4 vulnerability types affecting 10 workflows.

Executive Summary

**Security Scan (redacted)

• Total Workflows Scanned: 65
• Total Workflows Affected: 10 (15.4%)
• Total Security Findings: 57
• Critical Issues: 0
• High Severity: 3
• Medium Severity: 21
• Low Severity: 33

**Key (redacted)

1. Template Injection is the most prevalent issue (33 findings, 57.9% of total)
2. Excessive Permissions affects the most workflows (19 findings across 8 workflows)
3. Dangerous Triggers pose the highest risk (3 High severity findings)
4. Artipacked vulnerabilities detected in 2 workflows

Security Findings by Type

Issue Type	Severity	Confidence	Occurrences	Total Locations	Affected Workflows
template-injection	Low	High	11	33	3
excessive-permissions	Medium	High	13	19	8
dangerous-triggers	High	Medium	3	3	3
artipacked	Medium	Low	2	2	2

Priority Issues

1. Template Injection (Most Common)

• Count: 33 findings across 3 workflows
• Severity: Low
• Confidence: High
• Affected Workflows:
  • duplicate-code-detector
  • mcp-inspector
  • smoke-codex
• Description: Code injection via template expansion
• Reference: (redacted)/audits/#template-injection

Impact: Template injection vulnerabilities occur when GitHub Actions expressions are used in contexts where they can be controlled by external input (e.g., issue titles, PR descriptions). While marked as Low severity, these can potentially allow attackers to inject malicious code into workflow execution.

2. Excessive Permissions (Most Widespread)

• Count: 19 findings across 8 workflows
• Severity: Medium (High in 2 cases)
• Confidence: High
• Affected Workflows:
  • ci-doctor
  • copilot-agent-analysis
  • copilot-pr-prompt-analysis
  • daily-news
  • daily-perf-improver
  • daily-test-improver
  • smoke-detector
  • technical-doc-writer
• Description: Overly broad permissions (read-all or write-all)
• Reference: (redacted)/audits/#excessive-permissions

Impact: Workflows using permissions: read-all violate the principle of least privilege. If these workflows are compromised, attackers gain broad access to repository resources, increasing the potential damage.

3. Dangerous Triggers (Highest Severity)

• Count: 3 findings
• Severity: High
• Confidence: Medium
• Affected Workflows:
  • ci-doctor
  • dev-hawk
  • smoke-detector
• Description: Use of fundamentally insecure workflow trigger (workflow_run)
• Reference: (redacted)/audits/#dangerous-triggers

Impact: The workflow_run trigger is considered insecure because it runs with elevated privileges from the default branch, even when triggered by pull requests from forks. This can be exploited to gain unauthorized access or execute malicious code.

4. Artipacked (Credential Leakage Risk)

• Count: 2 findings
• Severity: Medium
• Confidence: Low
• Affected Workflows:
  • daily-perf-improver
  • daily-test-improver
• Description: Credential persistence through GitHub Actions artifacts
• Reference: (redacted)/audits/#artipacked

Impact: Workflows may inadvertently persist credentials in artifacts, making them accessible to users with read access to the repository.

Fix Suggestion for Excessive Permissions

Since excessive-permissions is the most widespread issue affecting 8 workflows, here's a detailed fix template:

Issue: excessive-permissions (overly broad permissions)

Severity: Medium to High
Affected Workflows: 8 workflows
Reference: (redacted)/audits/#excessive-permissions

Problem

Workflows use permissions: read-all which grants unnecessary broad access to repository resources. This violates the principle of least privilege and increases security risk if the workflow is compromised.

Required Fix

Replace blanket permissions with specific, minimal permissions that the workflow actually needs.

Fix Steps

1. Analyze what each workflow does (checkout code, create issues, create PRs, etc.)
2. Determine the minimal required permissions
3. Replace permissions: read-all with specific permissions

Example Fix

**(redacted)

permissions: read-all

**(redacted)

permissions:
  contents: read
  issues: write
  pull-requests: write

Common Permission Mappings

• Checkout code → contents: read
• Push commits → contents: write
• Create/comment issues → issues: write
• Create/comment PRs → pull-requests: write
• Read issues/PRs → issues: read, pull-requests: read

Copilot Agent Fix Prompt

You are fixing a security vulnerability in GitHub Actions workflows identified by the zizmor security scanner.

**Issue**: excessive-permissions (overly broad permissions)
**Severity**: Medium to High
**Reference**: (redacted)/audits/#excessive-permissions

**Problem**:
The workflow uses `permissions: read-all`, which grants unnecessary broad access to repository resources. This violates the principle of least privilege and increases security risk if the workflow is compromised.

**Required Fix**:
Replace blanket permissions with specific, minimal permissions that the workflow actually needs.

**Steps**:
1. Analyze what the workflow does (checkout code, create issues, create PRs, etc.)
2. Determine the minimal required permissions
3. Replace `permissions: read-all` with specific permissions

**Example Fix**:

Before:
```yaml
permissions: read-all

After:

permissions:
  contents: read
  issues: write
  pull-requests: write

Common Permission Mappings:

• Checkout code → contents: read
• Push commits → contents: write
• Create/comment issues → issues: write
• Create/comment PRs → pull-requests: write
• Read issues/PRs → issues: read, pull-requests: read

Please apply this fix to the following affected workflows:

• .github/workflows/ci-doctor.md
• .github/workflows/copilot-agent-analysis.md
• .github/workflows/copilot-pr-prompt-analysis.md
• .github/workflows/daily-news.md
• .github/workflows/daily-perf-improver.md
• .github/workflows/daily-test-improver.md
• .github/workflows/smoke-detector.md
• .github/workflows/technical-doc-writer.md

For each workflow:

1. Read the workflow markdown file
2. Analyze what permissions it actually needs based on the steps
3. Replace the blanket permissions with specific ones in the frontmatter
4. Verify the permissions match the workflow's actual needs

## Detailed Findings

<details>
<summary>Full Findings by Workflow (click to expand)</summary>

### ci-doctor
**Findings**: 3
1. **dangerous-triggers** (High severity)
   - Location: .github/workflows/ci-doctor.lock.(redacted)
   - Annotation: workflow_run is almost always used insecurely
   
2. **excessive-permissions** (Medium severity)
   - Location: .github/workflows/ci-doctor.lock.(redacted)
   - Annotation: uses read-all permissions

3. **excessive-permissions** (Medium severity)
   - Location: .github/workflows/ci-doctor.lock.(redacted)
   - Annotation: this job uses read-all permissions

### copilot-agent-analysis
**Findings**: 2
1. **excessive-permissions** (Medium severity)
2. **excessive-permissions** (Medium severity)

### copilot-pr-prompt-analysis
**Findings**: 1
1. **excessive-permissions** (Medium severity)

### daily-news
**Findings**: 2
1. **excessive-permissions** (Medium severity)
2. **excessive-permissions** (Medium severity)

### daily-perf-improver
**Findings**: 3
1. **excessive-permissions** (Medium severity)
2. **excessive-permissions** (Medium severity)
3. **artipacked** (Medium severity)
   - Annotation: credential persistence through GitHub Actions artifacts

### daily-test-improver
**Findings**: 3
1. **excessive-permissions** (High severity)
2. **excessive-permissions** (Medium severity)
3. **artipacked** (Medium severity)

### dev-hawk
**Findings**: 1
1. **dangerous-triggers** (High severity)
   - Location: .github/workflows/dev-hawk.lock.(redacted)
   - Annotation: workflow_run is almost always used insecurely

### duplicate-code-detector
**Findings**: 11
1-11. **template-injection** (Low severity) - 11 instances
   - Multiple steps use template expressions that could be vulnerable

### mcp-inspector
**Findings**: 11
1-11. **template-injection** (Low severity) - 11 instances

### smoke-codex
**Findings**: 11
1-11. **template-injection** (Low severity) - 11 instances

### smoke-detector
**Findings**: 2
1. **dangerous-triggers** (High severity)
   - Annotation: workflow_run is almost always used insecurely
2. **excessive-permissions** (Medium severity)

### technical-doc-writer
**Findings**: 2
1. **excessive-permissions** (Medium severity)
2. **excessive-permissions** (Medium severity)

</details>

## Recommendations

### Immediate Actions (High Priority)
1. **Fix dangerous-triggers vulnerabilities** in ci-doctor, dev-hawk, and smoke-detector workflows
   - Consider alternative triggers like `workflow_call` or manual triggers
   - If workflow_run is required, implement additional security controls

2. **Address excessive-permissions** in 8 affected workflows
   - Replace `permissions: read-all` with specific minimal permissions
   - Review each workflow's actual permission needs
   - Test workflows after applying minimal permissions

### Short-term Actions (Medium Priority)
3. **Review artipacked findings** in daily-perf-improver and daily-test-improver
   - Ensure no credentials are being uploaded in artifacts
   - Use artifact retention policies to limit exposure

4. **Audit template-injection vulnerabilities** in 3 affected workflows
   - Review all GitHub Actions expressions in steps
   - Sanitize or validate external inputs before use
   - Consider using intermediate steps to safely handle untrusted data

### Long-term Actions (Preventive)
5. **Integrate zizmor into CI/CD pipeline**
   - Run zizmor automatically on workflow changes
   - Block merges that introduce new security issues
   - Add pre-commit hooks to catch issues early

6. **Update workflow templates and guidelines**
   - Document secure workflow patterns
   - Provide examples of minimal permission configurations
   - Create security review checklist for new workflows

7. **Regular security audits**
   - Schedule monthly zizmor scans
   - Track security metrics over time
   - Review and update security policies

## Historical Context

This is the first comprehensive zizmor security scan recorded in the cache memory system. Future scans will include trend analysis to track:
- New vulnerabilities introduced
- Issues resolved over time
- Overall security posture improvements
- Recurring vulnerability patterns

## Next Steps

- [ ] Apply excessive-permissions fixes to 8 affected workflows
- [ ] Review and fix dangerous-triggers in 3 workflows
- [ ] Investigate artipacked findings in 2 workflows
- [ ] Audit template-injection vulnerabilities in 3 workflows
- [ ] Consider adding zizmor to pre-commit hooks
- [ ] Schedule next security scan for 2025-11-08

## Resources

- **Zizmor Documentation**: (redacted)/
- **GitHub Actions Security Best Practices**: (redacted)/en/actions/security-guides/security-hardening-for-github-actions
- **Fix Template**: Detailed fix instructions are stored in `/tmp/gh-aw/cache-memory/fix-templates/excessive-permissions.md`
- **Scan Data**: Full scan results are available in `/tmp/gh-aw/cache-memory/security-scans/2025-11-01.json`

---

**Scan performed by**: Zizmor Security Analyzer Agent  
**Zizmor version**: 1.16.1  
**Scan date**: 2025-11-01  
**Repository**: githubnext/gh-aw  
**Workflow run**: [§18994475984]((redacted)/githubnext/gh-aw/actions/runs/18994475984)


> AI generated by [Zizmor Workflow Security Analyzer](https://github.com/githubnext/gh-aw/actions/runs/18994475984)

[github-actions[bot]]

This discussion was automatically closed because it was created by an agentic workflow more than 1 week ago.