[static-analysis] Report - 2026-05-30 #35876

@github-actions

Analysis Summary

Daily static analysis scan of 236 workflow files using four tools. Fully stable day — all four tool totals are identical to 2026-05-29, no new runner-guard rule+file pairs. Highest-severity actionable item remains 2 zizmor High github-env findings on dev-hawk.lock.yml, persisting 8 consecutive days since 2026-05-23.

  • Tools: zizmor, poutine, actionlint, runner-guard
  • Total Findings: 1,838 — Net change vs 2026-05-29: 0
  • Workflows Scanned: 236 | Affected: ~60

Findings by Tool

| Tool | Total | Critical | High | Medium | Low/Info |
|---|---|---|---|---|---|
| zizmor (security) | 73 | 0 | 2 | 2 | 69 |
| poutine (supply chain) | 25 | 0 | 0 | 0 | 25 |
| actionlint (linting) | 1,451 | - | - | - | - |
| runner-guard (taint) | 289 | 0 | 280 | 9 | 0 |

Critical / High Severity Issues

  1. zizmor github-env [High] ×2 in dev-hawk.lock.yml, lines 741 & 1606. Dangerous $GITHUB_ENV write. Persisting 8 days.
  2. runner-guard RGS-004 [High] ×263 — Comment-triggered workflows w/o author-authorization check (q, ai-moderator, dev-hawk). Prior issues closed.
  3. runner-guard RGS-012 [High] ×10 — Secret exfiltration via outbound HTTP, 5 workflows. Prior issues closed.
  4. runner-guard RGS-018 [High] ×7 — Suspicious payload execution, 7 workflows. Open issue [static-analysis] RGS-018: Suspicious Payload Execution Pattern in daily-byok-ollama-test.lock.yml #35653.
  5. poutine untrusted_checkout_exec [error] ×12 — Arbitrary code exec from untrusted changes (suppressed via # poutine:ignore): dependabot-worker, smoke-workflow-call, smoke-workflow-call-with-inputs.

Clustered Findings

Zizmor

| Issue | Severity | Count | Affected |
|---|---|---|---|
| template-injection | Info | 39 | gateway/safe-output steps (many) |
| obfuscation | Low | 25 | GH_AW_WIKI_NOTE: ${{ '' }} (many) |
| template-injection | Low | 4 | various |
| github-env | High | 2 | dev-hawk (741, 1606) |
| excessive-permissions | Medium | 1 | dependabot-repair (357) |
| artipacked | Medium | 1 | daily-geo-optimizer (1410) |
| superfluous-actions | Info | 1 | (1) |

Poutine

| Issue | Severity | Count | Affected |
|---|---|---|---|
| untrusted_checkout_exec | error | 12 | dependabot-worker, smoke-workflow-call (+with-inputs) |
| github_action_from_unverified_creator_used | note | 9 | link-check, agentic-token-audit, hippo-embed, mcp-inspector, super-linter, smoke-codex, +2 |
| unverified_script_exec | note | 3 | daily-byok-ollama-test, smoke-codex, copilot-setup-steps |
| pr_runs_on_self_hosted | warning | 1 | smoke-copilot-arm |

Actionlint

| Issue | Count |
|---|---|
| shellcheck | 931 |
| syntax-check | 393 (mostly "unexpected key queue for concurrency") |
| permissions | 111 |
| expression | 16 |

Runner-Guard (289 findings; no score/grade in output)

| Rule | Name | Sev | Count | Workflows |
|---|---|---|---|---|
| RGS-004 | Comment-Triggered Workflow w/o Author Auth | high | 263 | q, ai-moderator, dev-hawk |
| RGS-012 | Secret Exfiltration via Outbound HTTP | high | 10 | daily-model-inventory, daily-multi-device-docs-tester, docs-noob-tester, visual-regression-checker, daily-byok-ollama-test |
| RGS-018 | Suspicious Payload Execution Pattern | high | 7 | daily-cli-performance, daily-sentrux-report, go-logger, smoke-claude, smoke-codex, copilot-setup-steps, daily-byok-ollama-test |
| RGS-005 | Excessive Permissions on Untrusted Trigger | med | 8 | agentic_commands, ai-moderator, q |
| RGS-019 | Step Output Interpolated in run Block | med | 1 | error-message-lint |

Issues created this run: none. All High rule+file pairs already have prior issues (closed → skipped; open → commented). Added one recurring-finding comment to open issue #35653 (RGS-018 / daily-byok-ollama-test).

Runner-Guard dedup decisions

| Rule | File | Existing | Action |
|---|---|---|---|
| RGS-004 | q / ai-moderator / dev-hawk | Closed #28156/#29694/#30284 | Skip |
| RGS-012 | daily-model-inventory | Closed #30776 | Skip |
| RGS-012 | daily-multi-device-docs-tester | Closed #33477 | Skip |
| RGS-012 | docs-noob-tester | Closed #28488 | Skip |
| RGS-012 | visual-regression-checker | Closed #30947 | Skip |
| RGS-012 | daily-byok-ollama-test | Closed #35652 | Skip |
| RGS-018 | go-logger/daily-cli-performance/smoke-claude/smoke-codex | Closed #28154 | Skip |
| RGS-018 | daily-sentrux-report | Closed #30532/#29461 | Skip |
| RGS-018 | copilot-setup-steps | Closed #33476 | Skip |
| RGS-018 | daily-byok-ollama-test | Open #35653 | Comment |

Fix Suggestion — Zizmor github-env [High]

Affected: dev-hawk.lock.yml lines 741 & 1606 (persisting 8 days). Ref: (docs.zizmor.sh/redacted)

Prompt to Copilot Agent:

You are fixing a High-severity zizmor finding: github-env (dangerous use of environment file).
Ref: (docs.zizmor.sh/redacted)

Issue: a step writes a runtime-derived value into $GITHUB_ENV, e.g.
  GH_HOST="${GITHUB_SERVER_URL#https://}"
  echo "GH_HOST=${GH_HOST}" >> "$GITHUB_ENV"
If the value can contain a newline or other attacker-influenced data, an attacker can inject extra env
vars (NODE_OPTIONS, PATH), leading to environment poisoning / code execution in later steps.

Fix (apply in the gh-aw COMPILER TEMPLATE that emits this block — lock files are generated):
1. Validate the derived value against a strict allowlist before writing (hostnames: [A-Za-z0-9.-] only; abort otherwise).
2. Prefer $GITHUB_OUTPUT + steps.<id>.outputs.<name> over $GITHUB_ENV when only later steps in the same job read it.
3. If $GITHUB_ENV is required, use the heredoc-with-random-delimiter form and forbid newlines.

After:
  - name: Derive GH_HOST
    id: ghes-host-config
    run: |
      GH_HOST="${GITHUB_SERVER_URL#https://}"; GH_HOST="${GH_HOST#(redacted)
      case "$GH_HOST" in *[!A-Za-z0-9.-]*) echo "::error::Unexpected GH_HOST"; exit 1 ;; esac
      echo "gh_host=${GH_HOST}" >> "$GITHUB_OUTPUT"
  # later: ${{ steps.ghes-host-config.outputs.gh_host }}

Search the compiler for "GH_HOST" + "GITHUB_ENV", apply the validation + GITHUB_OUTPUT migration, recompile so dev-hawk.lock.yml no longer triggers the audit.

Historical Trends

| Date | zizmor | poutine | actionlint | runner-guard |
|---|---|---|---|---|
| 2026-05-27 | 73 | 24 | 1,293 | 285 |
| 2026-05-28 | 73 | 24 | 1,450 | 285 |
| 2026-05-29 | 73 | 25 | 1,451 | 289 |
| 2026-05-30 | 73 | 25 | 1,451 | 289 |

  • Previous total 1,838 → current 1,838 → change 0 (0%), fully stable.
  • New issues: none. Resolved: none — dev-hawk github-env High persists (8th day).

Recommendations

  1. Immediate: Remediate the persistent zizmor High github-env in dev-hawk.lock.yml (741, 1606) via the compiler-template fix above — highest-severity item, unaddressed 8 days.
  2. Short-term: Triage recurring RGS-018 open issue [static-analysis] RGS-018: Suspicious Payload Execution Pattern in daily-byok-ollama-test.lock.yml #35653 (daily-byok-ollama-test).
  3. Short-term: Confirm/document the 12 poutine untrusted_checkout_exec suppressions.
  4. Long-term: Reduce actionlint concurrency.queue syntax-check noise (393); verify whether it is an unrecognized gh-aw extension key.
  5. Prevention: Bake the author_association guard into the compiler so new comment-triggered workflows don't reintroduce RGS-004.

Next Steps

References: §26676218168

Generated by 📊 Static Analysis Report · opus48 2.8M ·
