Hello maintainers,
I would like to report a potential vulnerability in your GitHub CI workflows.
Affected files:
- swcstudio/supercompute/.github/workflows/ai-issue-decomposer.yml
Vulnerability:
- In job 'decompose-issue', step 'Create Subtask Issues', the LLM-generated `subtask.title` is interpolated into a shell command inside a Node.js script and executed via `execSync`. The upstream LLM step 'AI Decomposition' is influenced by the attacker-controlled `github.event.issue.title` and `github.event.issue.body`, creating a model-mediated command injection sink.
- In job 'decompose-issue', step 'Generate Visualizations', the LLM-generated file `dependencies.mmd` is processed by the `mmdc` command-line tool. The upstream LLM step 'AI Decomposition' is influenced by the attacker-controlled `github.event.issue.title` and `github.event.issue.body`, creating a potential model-mediated execution sink via vulnerabilities in the `mmdc` tool.
Thank you for your time and for maintaining this project.