Static Analysis Report - 2026-03-24

[github-actions[bot]]

Analysis Summary

Daily static analysis scan of 177 workflows using zizmor, poutine, and actionlint. Today brings two notable positive resolutions (High severity github-env and unpinned-uses cleared) but a continuing escalation in template-injection severity — 24 workflows now have High severity template-injection findings, up from zero High-severity instances yesterday.

• Tools Used: zizmor, poutine, actionlint
• Total Findings: 7,843 raw (3,925 zizmor + 3,898 actionlint + 20 poutine)
• Workflows Scanned: 177
• Compiler Warnings: 32 (0 errors)
• Workflow Run: §23508971424

Findings by Tool

Tool	Total	Critical	High	Medium	Low	Info
zizmor (security)	3,925	0	24	3,832	20	49
poutine (supply chain)	20	0	0	0	1	19
actionlint (linting)	3,898	—	—	—	—	—

Clustered Findings by Tool and Type

Zizmor Security Findings

Issue Type	Severity	Count	Delta	Affected Workflows
secrets-outside-env	Medium	3,830	+17	All 177
template-injection	High	24	🆕 NEW	24 workflows
template-injection	Informational	49	stable	23 workflows
obfuscation	Low	20	stable	multiple
artipacked	Medium	1	stable	daily-copilot-token-report
secrets-inherit	Medium	1	stable	smoke-call-workflow
github-env	High	0	✅ RESOLVED (was 8)	—
unpinned-uses	High	0	✅ RESOLVED (was 2)	—

Poutine Supply Chain Findings

Issue Type	Severity	Count	Delta	Affected Workflows
untrusted_checkout_exec	error	6	day 10 🔴	smoke-workflow-call, smoke-workflow-call-with-inputs
github_action_from_unverified_creator_used	note	8	stable	copilot-setup-steps, daily-copilot-token-report, mcp-inspector, smoke-codex, super-linter, link-check, vet
unverified_script_exec	note	2	stable	copilot-setup-steps, daily-copilot-token-report
unpinnable_action	note	2	stable	daily-perf-improver, daily-test-improver
pr_runs_on_self_hosted	warning	2	+1 NEW	smoke-copilot-arm, dev

Actionlint Linting Issues

Issue Type	Count	Delta	Notes
shellcheck (SC2086)	3,837	-48	Improvement: unquoted variables
permissions	41	stable	Known false positive (copilot-requests scope)
expression	11	+10 NEW	Was 1, now 11
runner-label	9	NEW	New finding type, not previously tracked

Top Priority Issues

1. 🆕 Template Injection — HIGH Severity (24 workflows, growing)

• Tool: zizmor
• Count: 24 High + 49 Informational = 73 total (was 3 two days ago)
• Severity: High (code injection risk)
• Trend: Rapidly growing — 3 → 49 → 73 in 3 days, now with HIGH severity findings
• Affected: audit-workflows, copilot-pr-nlp-analysis, copilot-session-insights, daily-code-metrics, daily-copilot-token-report, daily-firewall-report, daily-integrity-analysis, daily-issues-report, daily-multi-device-docs-tester, daily-news, daily-performance-summary, daily-repo-chronicle, deep-report, docs-noob-tester, github-mcp-structural-analysis, org-health-report, poem-bot, portfolio-analyst, python-data-charts, stale-repo-identifier, technical-doc-writer, unbloat-docs, weekly-editors-health-check, weekly-issue-summary
• Description: Workflow expressions use $\{\{ github.event.* }} values directly in shell run: steps, enabling injection of arbitrary shell commands via malicious issue/PR content.
• Reference: (docs.zizmor.sh/redacted)

2. 🔴 Untrusted Checkout Exec — poutine ERROR (day 10 unresolved)

• Tool: poutine
• Count: 6 findings in 2 workflows
• Severity: Error (arbitrary code execution)
• Affected: smoke-workflow-call, smoke-workflow-call-with-inputs
• Day Unresolved: 10 consecutive days
• Description: Workflows executing bash \$\{RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh on code from untrusted PRs, enabling RCE from arbitrary pull requests.

3. ✅ RESOLVED Today: github-env + unpinned-uses (High)

Two previously-tracked High severity issues are now fully resolved:

• github-env (8 findings in ci-doctor, dev-hawk) → 0 today
• unpinned-uses (2 findings in daily-cli-performance, issue-monster) → 0 today

Fix Suggestion for Template Injection

Issue: Template injection via unsanitized GitHub event data in run: steps
Severity: High (24 workflows) + Informational (49 occurrences)
Reference: (docs.zizmor.sh/redacted)

Prompt to Copilot Agent:

You are fixing a High severity security vulnerability identified by zizmor in GitHub Actions workflows.

**Vulnerability**: Template Injection (zizmor rule: `template-injection`)
**Rule Reference**: (docs.zizmor.sh/redacted)

**Current Issue**:
Workflow `run:` steps directly interpolate GitHub context expressions like
`$\{\{ github.event.issue.title }}`, `$\{\{ github.event.pull_request.title }}`,
`$\{\{ github.event.comment.body }}`, etc. into shell scripts.
An attacker can craft a malicious issue title, PR title, or comment body containing
shell metacharacters (e.g., `$(evil_command)`) to achieve Remote Code Execution.

**Required Fix**:
Move the untrusted GitHub context value into an environment variable, then reference
that environment variable in the shell script using `$VAR_NAME` (not `$\{\{ ... }}`).
This prevents the expression from being treated as shell syntax.

**Example**:

Before (VULNERABLE):
```yaml
- name: Process issue title
  run: echo "Processing: $\{\{ github.event.issue.title }}"
```

After (SAFE):
```yaml
- name: Process issue title
  env:
    ISSUE_TITLE: $\{\{ github.event.issue.title }}
  run: echo "Processing: $ISSUE_TITLE"
```

**Steps**:
1. Find all `run:` steps that contain `$\{\{ github.event.* }}`, `$\{\{ github.head_ref }}`,
   `$\{\{ github.actor }}`, or any other user-controlled GitHub context value.
2. For each such occurrence, extract the `$\{\{ ... }}` expression into a new `env:` block
   on the same step with an ALL_CAPS variable name.
3. Replace the `$\{\{ ... }}` reference in the shell script with the `$VAR_NAME` form.
4. Do not change other `$\{\{ ... }}` expressions that are not user-controlled
   (e.g., `$\{\{ github.token }}`, `$\{\{ github.sha }}`, `$\{\{ secrets.* }}`).

**Apply this fix to these workflows** (High severity findings):
audit-workflows, copilot-pr-nlp-analysis, copilot-session-insights, daily-code-metrics,
daily-copilot-token-report, daily-firewall-report, daily-integrity-analysis,
daily-issues-report, daily-multi-device-docs-tester, daily-news, daily-performance-summary,
daily-repo-chronicle, deep-report, docs-noob-tester, github-mcp-structural-analysis,
org-health-report, poem-bot, portfolio-analyst, python-data-charts, stale-repo-identifier,
technical-doc-writer, unbloat-docs, weekly-editors-health-check, weekly-issue-summary

All Findings Details by Workflow

Template Injection — High Severity Workflows (24)

Workflow	Severity	Notes
audit-workflows	High
copilot-pr-nlp-analysis	High
copilot-session-insights	High
daily-code-metrics	High
daily-copilot-token-report	High	Also has poutine unverified_script_exec
daily-firewall-report	High	Also has missing vulnerability-alerts permission
daily-integrity-analysis	High
daily-issues-report	High
daily-multi-device-docs-tester	High
daily-news	High
daily-performance-summary	High
daily-repo-chronicle	High
deep-report	High	Also has missing vulnerability-alerts permission
docs-noob-tester	High
github-mcp-structural-analysis	High	Also has missing vulnerability-alerts permission
org-health-report	High
poem-bot	High
portfolio-analyst	High
python-data-charts	High
stale-repo-identifier	High
technical-doc-writer	High
unbloat-docs	High
weekly-editors-health-check	High
weekly-issue-summary	High

Poutine Untrusted Checkout Exec (day 10)

Both workflows (smoke-workflow-call, smoke-workflow-call-with-inputs) have 3 findings each for executing bash \$\{RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh, validate_prompt_placeholders.sh, and print_prompt_summary.sh on checkout from PR context. These already have # poutine:ignore untrusted_checkout_exec comments but poutine is still reporting them — the ignore directive may need review.

Compiler Warnings

Warning Type	Count
Schedule fixed time	7
Missing vulnerability-alerts permission	7
Experimental rate-limit feature	3
Push-to-PR-branch warnings	2
Copilot web-search unsupported	2
Discussion category normalized	1
Other	10

Historical Trends

Date	Zizmor	Actionlint	Poutine	Notable
2026-03-09	3,545	41	9	NEW: secrets-outside-env audit added
2026-03-15	3,744	43	18	NEW: poutine untrusted_checkout_exec
2026-03-18	3,814	3,838	1	Actionlint raw reporting changed
2026-03-22	3,848	3,904	19	Stable
2026-03-23	3,894	3,927	19	SPIKE: template-injection 3→49
2026-03-24	3,925	3,898	20	RESOLVED: github-env, unpinned-uses. ESCALATED: template-injection High

Key trend: The template-injection spike that began yesterday (3 → 49) has escalated further today (49 → 73) and the severity has upgraded to High for 24 of the findings. This warrants immediate attention.

Recommendations

1. Immediate — Fix template-injection in the 24 High-severity workflows using the fix prompt above. This is an RCE risk on workflows processing untrusted issue/PR data.
2. Ongoing — Investigate poutine:ignore untrusted_checkout_exec directives in smoke-workflow-call(s) — they are present but poutine continues to flag (day 10). Review if the ignore syntax is correct.
3. New this run — The dev workflow now has a pr_runs_on_self_hosted poutine finding (gpu runner). Review whether this PR trigger + self-hosted runner combination is intentional.
4. Actionlint — 9 new runner-label findings and +10 expression issues appeared today; review if these are from newly compiled workflows or genuine regressions.
5. Long-term — The secrets-outside-env issue (3,830 findings, all 177 workflows) is the dominant volume issue. Consider a batch fix after addressing the High severity issues.

Next Steps

• Apply template-injection fix prompt to 24 High-severity workflows
• Investigate poutine ignore directives in smoke-workflow-call(s) (day 10 unresolved)
• Review dev workflow pr_runs_on_self_hosted (aw-gpu-runner-T4)
• Audit new actionlint runner-label findings (9 occurrences)
• Plan batch remediation for secrets-outside-env (3,830 findings)

References:

• §23508971424 — Today's workflow run
• §23424788603 — Yesterday's run (template-injection spike detected)
• (docs.zizmor.sh/redacted)

AI generated by Static Analysis Report · history

• expires on Mar 25, 2026, 7:51 PM UTC

[github-actions[bot]]

💥 WHOOSH!! 🦸

— THE SMOKE TEST AGENT WAS HERE —

⚡ KAPOW! Claude engine online! All systems: NOMINAL!

"With great smoke tests comes great reliability!"

🔥 Run §23509681612 blasted through the cosmos and returned victorious! 🚀

— Illustrated by Smoke Claude, 2026-03-24 💥

💥 [THE END] — Illustrated by Smoke Claude · ◷

[github-actions[bot]]

This discussion has been marked as outdated by Static Analysis Report.

A newer discussion is available at Discussion #22961.