Hello maintainers,
I would like to report a potential vulnerability in your GitHub CI workflows.
Affected files:
- swcstudio/katalyst/.github/workflows/ai-pr-creator.yml
Vulnerability:
- In job 'ai-implementation', step 'Extract Task Details', the attacker-controlled source 'github.event.issue.body' is read into the shell variable 'ISSUE_BODY' and expanded without quotes in the run shell sink, leading to command injection.
- In job 'ai-implementation', step 'Create Working Branch', the attacker-controlled source 'github.event.inputs.branch_name' is passed via step 'Extract Task Details' and spliced into the run shell sink, leading to command injection in the git checkout command.
- In job 'ai-implementation', step 'Create Pull Request', the attacker-controlled source 'github.event.issue.body' is passed via step 'Extract Task Details' and spliced into the gh pr create command as the --title argument, potentially leading to argument injection.
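The pattern described above and a hardened counterpart, written here as an added example for this report (not the contents of the project's workflow file; both YAML snippets are constructed and reuse the step names only as labels), together with a small line-based checker that flags untrusted expression contexts interpolated into `run:` scripts. The hardened form routes each untrusted value through `env:` so it reaches the shell as an environment variable instead of becoming part of the script text, quotes it at every use, and validates the branch name with `git check-ref-format --branch` before checking it out.

```python
import re
from typing import List, Tuple

# Constructed example of the unsafe pattern: an attacker-controlled event field is
# interpolated directly into the `run:` script by the expression engine, so its
# contents become shell syntax before the shell ever runs.
UNSAFE_WORKFLOW = """\
name: example-unsafe
on:
  issues:
    types: [opened]
jobs:
  ai-implementation:
    runs-on: ubuntu-latest
    steps:
      - name: Extract Task Details
        run: |
          ISSUE_BODY=${{ github.event.issue.body }}
          echo "$ISSUE_BODY" > task.txt
      - name: Create Working Branch
        run: git checkout -b ${{ github.event.inputs.branch_name }}
"""

# Hardened form of the same steps (constructed): the value is bound in `env:`,
# quoted on use, and the branch name is validated before `git checkout`.
SAFE_WORKFLOW = """\
name: example-safe
on:
  issues:
    types: [opened]
jobs:
  ai-implementation:
    runs-on: ubuntu-latest
    steps:
      - name: Extract Task Details
        env:
          ISSUE_BODY: ${{ github.event.issue.body }}
        run: |
          printf '%s\\n' "$ISSUE_BODY" > task.txt
      - name: Create Working Branch
        env:
          BRANCH_NAME: ${{ github.event.inputs.branch_name }}
        run: git check-ref-format --branch "$BRANCH_NAME" && git checkout -b "$BRANCH_NAME"
"""

RUN_KEY = re.compile(r"^(\s*)run:\s*(.*)$")
NAME_KEY = re.compile(r"^\s*-\s*name:\s*(.+?)\s*$")
# Expression contexts that carry user-controlled content. This list is a
# starting point taken from common guidance, not an exhaustive one.
UNTRUSTED = re.compile(
    r"\$\{\{\s*("
    r"github\.event\.(?:issue|pull_request|comment|review|review_comment|inputs|head_commit|commits)[^}]*"
    r"|inputs\.[^}]*"
    r"|github\.head_ref"
    r")\s*\}\}"
)


def find_run_injections(workflow_text: str) -> List[Tuple[str, str]]:
    """Return (step name, expression) for every untrusted context used inside a run: script.

    Line-based on purpose so it needs no YAML library; it understands inline
    `run:` values and `|`/`>` block scalars, which covers ordinary workflows.
    """
    findings: List[Tuple[str, str]] = []
    lines = workflow_text.splitlines()
    step = "<unnamed step>"
    i = 0
    while i < len(lines):
        line = lines[i]
        m_name = NAME_KEY.match(line)
        if m_name:
            step = m_name.group(1)
        m_run = RUN_KEY.match(line)
        if not m_run:
            i += 1
            continue
        indent = len(m_run.group(1))
        rest = m_run.group(2).strip()
        if rest in ("|", ">", "|-", ">-", "|+", ">+"):
            # Block scalar: the script is every following line indented deeper than `run:`.
            script_lines = []
            i += 1
            while i < len(lines) and (
                lines[i].strip() == "" or len(lines[i]) - len(lines[i].lstrip()) > indent
            ):
                script_lines.append(lines[i])
                i += 1
            script = "\n".join(script_lines)
        else:
            script = rest
            i += 1
        for expr in UNTRUSTED.finditer(script):
            findings.append((step, expr.group(0)))
    return findings


if __name__ == "__main__":
    for label, text in (("unsafe", UNSAFE_WORKFLOW), ("safe", SAFE_WORKFLOW)):
        print(label, find_run_injections(text))
```

The checker only looks at `run:` scripts; the same expressions are fine inside `env:` because the runner stores them as plain strings rather than splicing them into code. It will not catch values that reach a script indirectly through a prior step's output, as the report describes for 'Create Working Branch' and 'Create Pull Request', so those paths still need to be traced by hand.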
Thank you for your time and for maintaining this project.