Hello maintainers,
I would like to report a potential vulnerability in your GitHub CI workflows.
Affected files:
- ModularGroup/scratch-id/.github/workflows/summary-slash-command.yml
Vulnerability:
- In job 'summary', step 'Comment with AI summary', the LLM response is spliced into the `run` shell via `${{ steps.inference.outputs.response }}`; the upstream LLM step 'Run AI inference' is prompted with attacker-controlled sources `github.event.issue.title` and `github.event.issue.body`; the sink is the `run` shell, leading to model-mediated command injection.
Thank you for your time and for maintaining this project.
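
Added example, not part of the original report and not the project's actual workflow: the usual mitigation for the pattern described above, shown as a before/after of the 'Comment with AI summary' step. The step names, the step id `inference` and the output `response` come from the report; the `gh issue comment` command, the `AI_RESPONSE` and `ISSUE_NUMBER` variable names and the temp file name are assumptions.

```yaml
# Constructed sketch; the real contents of summary-slash-command.yml are not
# shown in the report.

# Before: ${{ ... }} is expanded into the script text before bash starts,
# so whatever the model returned is parsed as shell syntax.
- name: Comment with AI summary
  env:
    GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  run: |
    gh issue comment "${{ github.event.issue.number }}" --body "${{ steps.inference.outputs.response }}"

# After: no expression appears inside `run`. The response reaches the shell
# only as the value of an environment variable, which bash treats as data
# when it is expanded inside double quotes.
- name: Comment with AI summary
  env:
    GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    ISSUE_NUMBER: ${{ github.event.issue.number }}
    AI_RESPONSE: ${{ steps.inference.outputs.response }}
  run: |
    # Write the untrusted text to a file and hand gh the file, so the
    # response is never placed on a command line or re-evaluated.
    printf '%s\n' "$AI_RESPONSE" > "$RUNNER_TEMP/summary.md"
    gh issue comment "$ISSUE_NUMBER" --body-file "$RUNNER_TEMP/summary.md"
```

Since the issue title and body still steer what the model writes, the posted comment remains untrusted content; restricting the job's `permissions:` to what commenting needs limits what a hostile response can reach.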