@dsyme commented Feb 12, 2026

Summary

  • Added comprehensive security scanning for markdown workflow content
  • Detects and prevents various malicious content injection techniques
  • Blocks workflows with dangerous patterns before they can be added

Key Changes

  • Implemented ScanMarkdownSecurity() function in pkg/workflow/markdown_security_scanner.go
  • Added security checks for:
    • Unicode abuse (zero-width characters, bidi overrides)
    • Hidden content (suspicious HTML comments, CSS hiding)
    • Obfuscated links (data URIs, misleading URLs)
    • HTML abuse (script tags, event handlers)
    • Embedded executable files
    • Social engineering patterns

Security Implications

This security scanner provides a robust defense against potential workflow injection attacks by:

  • Preventing malicious content from being added via gh aw add or trial mode
  • Scanning imported workflow files
  • Blocking workflows with dangerous patterns with no override possible

Copilot AI review requested due to automatic review settings February 12, 2026 17:23

Copilot AI left a comment

Pull request overview

This pull request implements a comprehensive markdown security scanner for workflow files to detect and prevent various malicious content injection techniques. The scanner is designed to protect against workflow injection attacks by blocking dangerous patterns when workflows are added via gh aw add, during trial mode, and when importing files during compilation.

Changes:

  • Added ScanMarkdownSecurity() function with detection for 6 categories of threats: Unicode abuse, hidden content, obfuscated links, HTML abuse, embedded files, and social engineering patterns
  • Integrated security scanning into the workflow add command, trial mode, and import processing during compilation
  • Added comprehensive test suite with 40+ test cases covering various attack vectors and edge cases

Reviewed changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated 10 comments.

| File | Description |
| --- | --- |
| pkg/workflow/markdown_security_scanner.go | Core implementation of security scanner with pattern detection for multiple attack categories |
| pkg/workflow/markdown_security_scanner_test.go | Comprehensive test suite with coverage for all security categories and edge cases |
| pkg/workflow/compiler_orchestrator_engine.go | Integration of security scanning for imported workflow files during compilation |
| pkg/cli/add_command.go | Security scanning integration when adding workflows via gh aw add |
| pkg/cli/trial_repository.go | Security scanning integration for trial mode workflow installation |
| docs/src/content/docs/reference/markdown.md | Documentation of security scanning feature and threat categories |
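
A sketch of the first check category listed above (zero-width characters and bidi overrides), added here as an illustration. It is not the code in pkg/workflow/markdown_security_scanner.go and not part of this pull request. The names Finding, classify and scanUnicodeAbuse, the set of flagged code points, and the allowance for a leading byte order mark are assumptions of this example.

```go
package main

import (
	"fmt"
	"strings"
)

// Finding is a hypothetical result type for this example.
type Finding struct {
	Line, Col int // 1-based line and rune column
	Rune      rune
	Kind      string // "zero-width" or "bidi-control"
}

// classify returns the category of an invisible or direction-changing rune, or "".
func classify(r rune) string {
	switch {
	case r == 0x200B || r == 0x200C || r == 0x200D || r == 0x2060 || r == 0xFEFF:
		return "zero-width" // ZWSP, ZWNJ, ZWJ, word joiner, ZWNBSP
	case r == 0x200E || r == 0x200F || r == 0x061C, // directional marks
		r >= 0x202A && r <= 0x202E, r >= 0x2066 && r <= 0x2069: // overrides, isolates
		return "bidi-control"
	}
	return ""
}

// scanUnicodeAbuse reports each flagged rune; a U+FEFF at offset 0 is allowed as a BOM.
func scanUnicodeAbuse(content string) []Finding {
	var out []Finding
	content = strings.TrimPrefix(content, "\uFEFF")
	for i, line := range strings.Split(content, "\n") {
		col := 0
		for _, r := range line {
			col++
			if kind := classify(r); kind != "" {
				out = append(out, Finding{i + 1, col, r, kind})
			}
		}
	}
	return out
}

func main() {
	// Constructed sample: leading BOM, a zero-width space inside a word, an override pair.
	sample := "\uFEFF# Deploy\nRun the up\u200Bdate step\nstatus: \u202Eko\u202C\n"
	for _, f := range scanUnicodeAbuse(sample) {
		fmt.Printf("line %d col %d: U+%04X (%s)\n", f.Line, f.Col, f.Rune, f.Kind)
	}
}
```

This strict rule also flags the zero-width joiner inside emoji sequences, so a scanner with no override needs either an allowance for that case or an error message that names the exact line and column.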

dsyme and others added 9 commits February 12, 2026 17:42
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
"github.com/github/gh-aw/pkg/constants"
"github.com/github/gh-aw/pkg/logger"
"github.com/github/gh-aw/pkg/tty"
workflowpkg "github.com/github/gh-aw/pkg/workflow"

weird keyword, it's not commonly used

@pelikhan

Can we have a cli flag to turn it off?

@pelikhan left a comment

@copilot add cli flag --disable-security-scanner to disable this check

Copilot AI commented Feb 12, 2026

@pelikhan I've opened a new pull request, #15225, to work on those changes. Once the pull request is ready, I'll request review from you.

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>