Security review: API keys, token handling, permissions model #6

@nev-offload

Description

Problem

Before public release, the action needs a security review of how it handles sensitive data and permissions.

Areas to review

  1. API key handling

    • Keys are passed as GitHub Secrets (good) but need to verify they're never logged
    • Mask all sensitive values in action output (core.setSecret())
  2. GitHub token permissions

    • Document minimum required permissions
    • Use least-privilege: only request issues: write, pull-requests: write, contents: read
    • Support fine-grained PATs
  3. Agent sandboxing

    • What tools does the agent have access to?
    • Can it execute arbitrary code? If so, in what context?
    • Should there be an allowlist of permitted operations?
  4. Input validation

    • Sanitize issue/PR content before passing to the agent (prompt injection risk)
    • Don't let issue authors trick the agent into revealing secrets or performing unintended actions
  5. Rate limiting

    • Prevent abuse (e.g., someone opening 100 issues to burn API credits)
    • Consider per-repo or per-user rate limits

Priority

P1 — Must be addressed before any public/marketplace release.
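As an added illustration of review item 1 (keys must never reach the log), not code from this action: a small masking layer that does what `core.setSecret()` does (emit the `::add-mask::` workflow command so the runner redacts the value) and additionally redacts the key in our own log output, including base64 and URL-encoded forms, which is an assumption about how the key might get re-encoded before being printed.

```javascript
// Added example, not the action's own code. Mirrors core.setSecret() from
// @actions/core (which prints "::add-mask::<value>") and keeps a local
// redaction list so the action never writes a registered key to its logs.

const registered = new Set();

function maskVariants(secret) {
  // Assumption: a key may be re-encoded downstream (Basic auth header,
  // query string), so those forms are masked as well as the raw value.
  return new Set([
    secret,
    Buffer.from(secret, 'utf8').toString('base64'),
    encodeURIComponent(secret),
  ]);
}

function setSecret(secret) {
  // Defensive choice (not runner behaviour): refuse very short values,
  // otherwise masking would also blank out unrelated log text.
  if (typeof secret !== 'string' || secret.length < 8) {
    throw new Error('refusing to register an empty or very short secret');
  }
  for (const v of maskVariants(secret)) {
    registered.add(v);
  }
  // Only emit the workflow command on a real runner; anywhere else this
  // line would simply print the secret in the clear.
  if (process.env.GITHUB_ACTIONS === 'true') {
    process.stdout.write(`::add-mask::${secret}\n`);
  }
}

function redact(text) {
  let out = text;
  // Longest variants first so an encoded form containing another is masked whole.
  for (const v of [...registered].sort((a, b) => b.length - a.length)) {
    out = out.split(v).join('***');
  }
  return out;
}

// Use this instead of console.log for anything that may contain API responses.
function log(message) {
  console.log(redact(String(message)));
}
```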

Labels: enhancement (New feature or request)