Skip to content

[HIGH] external PR replay workflow promotes fork code to trusted CI without an in-workflow actor/content gate #144

Description

@Daliys

Problem

approve-external-pr.yml copies fork commits into an internal trusted/pr-* branch and force-pushes it, causing regular trusted CI to run, but relies on repo-level workflow permissions and maintainer judgment rather than an in-workflow actor/content gate.

Evidence

  • .github/workflows/approve-external-pr.yml:25-35 exposes a workflow_dispatch job with contents: write.
  • .github/workflows/approve-external-pr.yml:18-22 documents that Actions permissions are the trust boundary, but the workflow has no actor allowlist check.
  • .github/workflows/approve-external-pr.yml:96-114 clones the fork branch with GITHUB_TOKEN, verifies SHA after clone, then force-pushes it to trusted/pr-<N>.
  • The workflow comments state that validate.yml runs as internal/trusted CI after the push.

Impact

If workflow dispatch permissions are loosened or misconfigured, a collaborator could replay arbitrary fork code into a trusted branch that triggers privileged self-hosted CI. Even for maintainers, there is no required in-workflow content scan/diff checkpoint before trusted CI runs.

Suggested fix

Add an explicit actor/team allowlist in the workflow, avoid force-pushing without review metadata, and add a content/diff scan step before creating the trusted branch. Keep trusted CI opt-in tied to a clearly reviewed SHA.

Source report

Imported from audit report items:

  • security (15) / .github/workflows/approve-external-pr.yml:26
  • security (15) / .github/workflows/approve-external-pr.yml:96

Grouped because both describe the same trusted-branch replay risk.

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't workingneeds-triageImported or reported issue awaiting owner reviewpriority: highMajor broken workflow or broad compatibility failuresurface: ciGitHub Actions, validation scripts, or release checkstype: securitySecurity vulnerability or unsafe trust boundary

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions