PDP-1182 SECCMP-1797: Fix PwnRequest shell injection in jira-id-check.yml#42
Merged
SameeraPriyathamTadikonda merged 5 commits intomainfrom Apr 8, 2026
Merged
Conversation
Move all attacker-controlled inputs (pr-title, github.event.pull_request.title)
from direct ${{ }} interpolation in shell run blocks to safe env: variables.
This eliminates the script injection vector where a malicious PR title
could execute arbitrary commands with the workflow's write token.
Also adds explicit permissions: pull-requests: read to enforce least privilege.
GAdityaVarma
changed the title
Contributor
There was a problem hiding this comment.
Pull request overview
This PR hardens the central jira-id-check.yml GitHub Actions workflow against PwnRequest-style shell injection by avoiding direct ${{ }} interpolation inside run: scripts, and it reduces token privileges for least-privilege execution.
Changes:
- Pass PR title and other potentially attacker-controlled values into the script via
env:variables and reference them as shell variables. - Add explicit job-level
permissions: pull-requests: read. - Minor log output adjustments while preserving the existing title re-fetch via
gh pr view.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
These inputs were defined but never wired into the matching logic: - regex-pattern: matching always used hardcoded VALID_KEY-[0-9]+ - fail-if-no-jira-id: script always exits 1 when no ID found Removed the inputs, their env: mappings, local variable assignments, and debug logging to avoid misleading callers. No caller passes these inputs today.
Prevents the write token from being persisted to disk (.git/config) after checkout. This limits exposure if attacker-controlled PR code could read files from the runner filesystem.
P1 fixes: - copyright-check.yml: move github.event.pull_request.base.ref to env: (branch names can contain shell metacharacters - injection risk) - trufflehog-scan.yml: add persist-credentials: false to checkout - trufflehog-scan.yml: move vars.TRUFFLEHOG_EXCLUDES to env: P2 fixes (defense-in-depth): - trufflehog-scan.yml: move step output counts to env: in Process step - copyright-check.yml: move step outputs (config-file, status) to env: - copyright-check.yml: move base.sha, head.sha, base.ref to env: in Get changed files step
SameeraPriyathamTadikonda
approved these changes
Apr 8, 2026
SameeraPriyathamTadikonda
deleted the
fix/SECCMP-1797-pwn-request-injection
branch
SameeraPriyathamTadikonda
added a commit
that referenced
this pull request
Apr 8, 2026
Pin all mutable action version tags to immutable commit SHAs to prevent supply chain attacks where a compromised upstream tag could run malicious code with elevated pull_request_target permissions. actions/checkout@v4 → @34e114876b (v4) actions/github-script@v7 → @f28e40c7f3 (v7) actions/setup-python@v4 → @7f4fc3e22c (v4) This was one of the findings from SECCMP-1797 / PDP-1182 security review (Aditya's PR #42 — trufflehog-scan.yml pinning). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
JIRA: https://progresssoftware.atlassian.net/browse/PDP-1182
SECCMP-1797: Fix PwnRequest Shell Injection in jira-id-check.yml
Vulnerability
This workflow uses
pull_request_targetwhich runs with the base repo's write permissions and secrets. The PR title (github.event.pull_request.title) was directly interpolated into shellrun:blocks via${{ }}expressions:GitHub Actions renders
${{ }}expressions before the shell executes. An attacker could fork the repo, open a PR with a title like:This would execute arbitrary commands with the repo's write token - classic PwnRequest attack.
Fix
All attacker-controlled inputs are now passed through
env:variables instead of direct${{ }}interpolation inrun:blocks:Environment variables are set outside the shell context and accessed safely via
$VARsyntax, preventing injection.Additional hardening
permissions: pull-requests: readto enforce least privilege (this job only reads PR titles, never writes)Impact
This central reusable workflow is called by 14 repos across the
marklogicorg. Fixing it here remediates the injection vector for all callers.References