diff --git a/actions/setup/src/index.js b/actions/setup/src/index.js
index 822b3964a2..e646ec7614 100644
--- a/actions/setup/src/index.js
+++ b/actions/setup/src/index.js
@@ -1,9 +1,9 @@
 // Setup Activation Action
 // Copies activation job files to the agent environment
-const core = require('@actions/core');
-const fs = require('fs');
-const path = require('path');
+const core = require("@actions/core");
+const fs = require("fs");
+const path = require("path");
 // Embedded activation files will be inserted here during build
 const FILES = {
@@ -12,29 +12,31 @@ const FILES = {
 async function run() {
 try {
- const destination = core.getInput('destination') || '/tmp/gh-aw/actions/activation';
-
+ const destination = core.getInput("destination") || "/tmp/gh-aw/actions/activation";
+
 core.info(`Copying activation files to ${destination}`);
-
- // Create destination directory if it doesn't exist
+
+ // Create destination directory with secure permissions if it doesn't exist
+ // Note: mode parameter is ignored on Windows; relies on default NTFS permissions
 if (!fs.existsSync(destination)) {
- fs.mkdirSync(destination, { recursive: true });
+ fs.mkdirSync(destination, { recursive: true, mode: 0o700 });
 core.info(`Created directory: ${destination}`);
 }
-
+
 let fileCount = 0;
-
+
 // Copy each embedded file
 for (const [filename, content] of Object.entries(FILES)) {
 const filePath = path.join(destination, filename);
- fs.writeFileSync(filePath, content, 'utf8');
+ // Create file with secure permissions (readable/writable only by owner)
+ // Note: mode parameter is ignored on Windows; relies on default NTFS permissions
+ fs.writeFileSync(filePath, content, { encoding: "utf8", mode: 0o600 });
 core.info(`Copied: $(unknown)`);
 fileCount++;
 }
-
- core.setOutput('files-copied', fileCount.toString());
+
+ core.setOutput("files-copied", fileCount.toString());
 core.info(`✓ Successfully copied ${fileCount} files`);
-
 } catch (error) {
 core.setFailed(`Action failed: ${error.message}`);
 }
diff --git a/pkg/workflow/claude_engine.go b/pkg/workflow/claude_engine.go
index 587e483b0c..fcf1714703 100644
--- a/pkg/workflow/claude_engine.go
+++ b/pkg/workflow/claude_engine.go
@@ -229,7 +229,7 @@ func (e *ClaudeEngine) GetExecutionSteps(workflowData *WorkflowData, logFile str
 // Use claude command directly (available in PATH from hostedtoolcache mount)
 commandName = "claude"
 }
-
+
 commandParts := []string{commandName}
 commandParts = append(commandParts, claudeArgs...)
 commandParts = append(commandParts, promptCommand)
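Review bot: The `mode: 0o700` on `fs.mkdirSync` and `mode: 0o600` on `fs.writeFileSync` only apply when the directory or file is newly created, so when the default destination under `/tmp/gh-aw/actions/activation` already exists (the `existsSync` branch skips mkdir altogether) or a file is overwritten on a reused runner, the pre-existing and possibly wider permissions are kept and the hardening the new comments describe does not hold; both modes are also subject to the process umask. To make the intent stick regardless of prior state, follow each call with an explicit chmod, `fs.chmodSync(destination, 0o700);` after the mkdir block and `fs.chmodSync(filePath, 0o600);` after the write, which also surfaces an error instead of silently reusing a directory owned by another user. Since `recursive: true` already makes `mkdirSync` a no-op on an existing directory, the `existsSync` pre-check serves only the log line and could be dropped to remove the check-then-create window. The context line `core.info(\`Copied: $(unknown)\`)` looks like a rendering artifact of this page; if it is real code it logs that literal text rather than the filename. The closing of `run()` appears to lie past the end of the hunk.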
diff --git a/pkg/workflow/codex_engine.go b/pkg/workflow/codex_engine.go
index ec0edecb5a..7a9d9b3fe9 100644
--- a/pkg/workflow/codex_engine.go
+++ b/pkg/workflow/codex_engine.go
@@ -174,7 +174,7 @@ func (e *CodexEngine) GetExecutionSteps(workflowData *WorkflowData, logFile stri
 // PATH will be set to find codex in hostedtoolcache when firewall is enabled
 commandName = "codex"
 }
-
+
 codexCommand := fmt.Sprintf("%s %sexec%s%s%s\"$INSTRUCTION\"", commandName, modelParam, webSearchParam, fullAutoParam, customArgsParam)
@@ -316,7 +316,7 @@ mkdir -p "$CODEX_HOME/logs"
 } else {
 commandName = "codex"
 }
-
+
 if workflowData.AgentFile != "" {
 agentPath := ResolveAgentFilePath(workflowData.AgentFile)
 command = fmt.Sprintf(`set -o pipefail
diff --git a/pkg/workflow/copilot_engine_execution.go b/pkg/workflow/copilot_engine_execution.go
index f577959c0b..c1491cc857 100644
--- a/pkg/workflow/copilot_engine_execution.go
+++ b/pkg/workflow/copilot_engine_execution.go
@@ -151,7 +151,7 @@ func (e *CopilotEngine) GetExecutionSteps(workflowData *WorkflowData, logFile st
 if sandboxEnabled {
 // Build base command
 var baseCommand string
-
+
 // Check if custom command is specified
 var commandName string
 if workflowData.EngineConfig != nil && workflowData.EngineConfig.Command != "" {
@@ -171,7 +171,7 @@ func (e *CopilotEngine) GetExecutionSteps(workflowData *WorkflowData, logFile st
 commandName = "/usr/local/bin/copilot"
 }
 }
-
+
 baseCommand = fmt.Sprintf("%s %s", commandName, shellJoinArgs(copilotArgs))
 // Add conditional model flag if needed
@@ -189,7 +189,7 @@ func (e *CopilotEngine) GetExecutionSteps(workflowData *WorkflowData, logFile st
 } else {
 commandName = "copilot"
 }
-
+
 baseCommand := fmt.Sprintf("%s %s", commandName, shellJoinArgs(copilotArgs))
 // Add conditional model flag if needed