[Safe Outputs Conformance] SEC-005: Cross-repo handlers lack allowlist validation patterns #20827

@github-actions

Conformance Check Failure

Check ID: SEC-005
Severity: HIGH
Category: Security
Run ID: §23061582676
Run Date: 2026-03-13

Problem Description

The automated SEC-005 conformance check flags two handlers that reference target-repo / targetRepo but do not contain the expected allowlist-validation patterns (allowed.*[Rr]epos, validateTargetRepo, or checkAllowedRepo). Without an explicit allowlist guard, a misconfigured or attacker-supplied target-repo value could cause the handler to operate against an unintended repository.

Affected Components

  • Files:
    • actions/setup/js/dispatch_workflow.cjs
    • actions/setup/js/resolve_host_repo.cjs
  • Check script: scripts/check-safe-outputs-conformance.sh (SEC-005, lines 158–177)

Current Behavior

dispatch_workflow.cjs

The handler reads a target-repo value from config (via resolveTargetRepoConfig), parses it, and dispatches workflows to the resulting repo slug without checking whether that slug is on an allowlist.

Key lines (~36–43):

const parsedRepo = parseRepoSlug(normalizedTargetRepo);
if (!parsedRepo) {
  core.warning(...);
} else {
  resolvedRepoSlug = normalizedTargetRepo;   // <-- used as-is
  repo = parsedRepo;
}

resolve_host_repo.cjs

The handler resolves the target repository from GITHUB_WORKFLOW_REF (a trusted runtime environment variable). The file already contains an inline SEC-005 rationale comment (lines 26–29) explaining why no allowlist is needed in this specific case. However, the conformance checker does not recognise inline justifications — it only looks for the allowlist function call patterns.

Expected Behavior

Per the Safe Outputs specification (SEC-005), any handler that operates across repositories must either:

  1. Validate the target repo against an explicit allowlist (allowed.*[Rr]epos, validateTargetRepo, or checkAllowedRepo), or
  2. Have the conformance checker updated to recognise documented exemption comments for trusted-source values.

Remediation Steps

This task is suitable for a Copilot coding agent. Two independent sub-tasks:

Sub-task A — dispatch_workflow.cjs

  1. Determine whether target-repo in this handler is operator-supplied config or user-controlled input.
  2. If operator-supplied, add an allowlist field (e.g. allowed_repos) to the handler config and validate normalizedTargetRepo against it before use.
  3. Log a clear error and abort dispatch if the target repo is not in the allowlist.
  4. Update tests to cover allowed and disallowed repo scenarios.
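
One way to implement the guard described in Sub-task A, as an added example rather than the repository's own code. The `parseRepoSlug` stand-in, the result shape, and `resolveDispatchTarget` are assumptions; `allowed_repos` is the field name the issue suggests.

```javascript
// Added example: hypothetical helpers, not the repository's implementation.
const SLUG_RE = /^[A-Za-z0-9](?:[A-Za-z0-9-]*[A-Za-z0-9])?\/[A-Za-z0-9._-]+$/;

// Stand-in for the parseRepoSlug helper the handler calls (assumed shape).
function parseRepoSlug(slug) {
  if (typeof slug !== "string" || !SLUG_RE.test(slug)) return null;
  const [owner, repo] = slug.split("/");
  if (repo === "." || repo === "..") return null;
  return { owner, repo };
}

// Fail closed: malformed slugs and a missing or empty allowlist are rejected.
function validateTargetRepo(targetRepo, allowedRepos) {
  const parsed = parseRepoSlug(String(targetRepo ?? "").trim());
  if (!parsed) return { ok: false, reason: "malformed repo slug" };
  if (!Array.isArray(allowedRepos) || allowedRepos.length === 0) {
    return { ok: false, reason: "allowed_repos is empty or missing" };
  }
  // GitHub owner and repo names are case-insensitive, so compare lowercased.
  const slug = `${parsed.owner}/${parsed.repo}`.toLowerCase();
  const allowed = new Set(allowedRepos.map(r => String(r).trim().toLowerCase()));
  if (!allowed.has(slug)) return { ok: false, reason: "repo not in allowed_repos" };
  return { ok: true, slug, repo: parsed };
}

// Guard to run before dispatch: returns null (abort) unless the target is allowed.
function resolveDispatchTarget(config, logError = console.error) {
  const target = config["target-repo"];
  const result = validateTargetRepo(target, config.allowed_repos);
  if (!result.ok) {
    // JSON.stringify escapes newlines so the value cannot forge extra log lines.
    logError(`SEC-005: refusing dispatch to ${JSON.stringify(target)}: ${result.reason}`);
    return null;
  }
  return result.repo;
}

// Constructed sample config (not from the repository).
const sampleConfig = { "target-repo": "Octo-Org/Tools", allowed_repos: ["octo-org/tools"] };
console.log(resolveDispatchTarget(sampleConfig));
```

Treating an absent or empty allowlist as a rejection means a handler deployed without the new config field refuses cross-repo dispatch instead of silently allowing every target.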

Sub-task B — resolve_host_repo.cjs

  1. The existing inline comment explains the exemption correctly. Either:
    • Add a sentinel comment or constant (e.g. // allowlist-exempt: trusted-env-var) that the conformance checker can recognise, and update scripts/check-safe-outputs-conformance.sh to skip files containing this pattern, or
    • Add a thin no-op allowlist guard (checkAllowedRepo) that is a pass-through when values are sourced from GITHUB_WORKFLOW_REF, so the conformance grep succeeds.

Verification

After remediation, run:

bash scripts/check-safe-outputs-conformance.sh

The SEC-005 check should report [PASS] SEC-005: All cross-repo handlers validate allowlists and exit with code 0.

References

  • Safe Outputs Specification: docs/src/content/docs/reference/safe-outputs-specification.md
  • Conformance Checker: scripts/check-safe-outputs-conformance.sh
  • Run ID: §23061582676
  • Date: 2026-03-13

Generated by Daily Safe Outputs Conformance Checker · expires on Mar 14, 2026, 5:02 PM UTC
