Hello maintainers,
I would like to report a potential vulnerability in your GitHub CI workflows.
Affected files:
- Openverse-iiitk/Ferrari-OS/.github/workflows/summarize.yml
Vulnerability:
- In job 'summary', step 'Comment with AI summary', the LLM response is spliced into the
run shell via ${{ steps.inference.outputs.response }}; upstream LLM step 'Run AI inference' is prompted with attacker-controlled github.event.issue.title and github.event.issue.body; sink is the run shell.
Thank you for your time and for maintaining this project.
Hello maintainers,
I would like to report a potential vulnerability in your GitHub CI workflows.
Affected files:
Vulnerability:
runshell via${{ steps.inference.outputs.response }}; upstream LLM step 'Run AI inference' is prompted with attacker-controlledgithub.event.issue.titleandgithub.event.issue.body; sink is therunshell.Thank you for your time and for maintaining this project.