Hello maintainers,
I would like to report a potential vulnerability in your GitHub CI workflows.
Affected files:
- swcstudio/katalyst/.github/workflows/ai-refactoring-assistant.yml
Vulnerability:
- In job 'refactor-code', step 'Parse Refactor Request', the attacker-controlled input '${{ github.event.comment.body }}' is spliced directly into the run shell, leading to command injection.
- In job 'refactor-code', attacker-controlled input from github.event.comment.body is parsed and used to construct the LLM prompt in step 'AI Refactoring'. A malicious comment can inject instructions, causing the LLM to generate malicious code. This code is written to a file and then executed by the 'Run Tests' step via npm test.
Thank you for your time and for maintaining this project.
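
An added example, not part of the report and not the project's workflow: a small stdlib-only check that flags untrusted `${{ github.event.* }}` expressions placed inside `run:` scripts, which is the pattern behind the first finding (it does not cover the LLM prompt path). The `SAMPLE` workflow is constructed and reuses only the job and step names from the report; the hardened step and its `COMMENT_BODY` variable are assumptions showing the value passed through `env:` instead.

```python
import re

# Contexts a commenter or PR author controls (constructed subset, not exhaustive).
UNTRUSTED = re.compile(
    r"\$\{\{\s*github\.event\.(?:comment\.body|issue\.(?:title|body)|"
    r"pull_request\.(?:title|body|head\.ref)|review\.body)\s*\}\}")
KEY = re.compile(r"^(\s*(?:-\s+)?)([A-Za-z_][\w-]*):\s*(.*)$")

def find_injectable_steps(workflow_text):
    """Return (line_no, step_name, expression) for untrusted expressions inside run: scripts."""
    findings, step_name, run_col = [], None, None
    for no, line in enumerate(workflow_text.splitlines(), 1):
        if not line.strip():
            continue
        indent = len(line) - len(line.lstrip())
        if run_col is not None and indent > run_col:
            body = line                      # still inside the run: block scalar
        else:
            run_col = None
            m = KEY.match(line)
            if not m:
                continue
            prefix, key, value = m.groups()
            if "-" in prefix:                # a new list item starts a new step
                step_name = None
            if key == "name":
                step_name = value.strip("'\" ")
            if key != "run":
                continue                     # only run: text becomes shell script source
            run_col, body = len(prefix), value
        for hit in UNTRUSTED.finditer(body):
            findings.append((no, step_name, hit.group(0)))
    return findings

# Constructed sample: first step splices the comment into the script, second passes it via env.
SAMPLE = """\
name: ai-refactoring-assistant
on: issue_comment
jobs:
  refactor-code:
    runs-on: ubuntu-latest
    steps:
      - name: Parse Refactor Request
        run: |
          REQUEST="${{ github.event.comment.body }}"
          echo "$REQUEST" > request.txt
      - name: Parse Refactor Request (hardened)
        env:
          COMMENT_BODY: ${{ github.event.comment.body }}
        run: |
          printf '%s' "$COMMENT_BODY" > request.txt
"""

if __name__ == "__main__":
    for finding in find_injectable_steps(SAMPLE):
        print(finding)
```

Only the first step is reported: in the hardened step the expression is expanded into an environment variable, so the shell receives the comment as data rather than as script text.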