Static Analysis Report - 2026-02-25

[github-actions[bot]]

Daily static analysis scan of all agentic workflows using zizmor, poutine, and actionlint. Today's scan returned 172 total findings across 158 workflows, with a notable reappearance of zizmor security findings (4) after 3 days of zero — including one Medium severity credential persistence vulnerability.

Analysis Summary

• Tools Used: zizmor v(latest), poutine, actionlint v1.7.11
• Total Findings: 172
• Workflows Scanned: 158
• Workflows Affected: 28 (actionlint) + 2 (zizmor) + 4 (poutine)
• Compilation Status: All 158 workflows compiled successfully

Findings by Tool

Tool	Total	Critical	High	Medium	Low/Info
zizmor (security)	4	0	0	1	3
poutine (supply chain)	7	0	0	0	7
actionlint (linting)	161	—	—	—	161

Clustered Findings by Tool and Type

Zizmor Security Findings

Issue Type	Severity	Count	Affected Workflows
template-injection	Informational	3	contribution-check
artipacked	Medium	1	daily-copilot-token-report

Poutine Supply Chain Findings

Issue Type	Severity	Count	Affected Workflows/Locations
pr_runs_on_self_hosted	Warning	1	smoke-copilot-arm (line 278)
unpinnable_action	Note	2	daily-perf-improver/build-steps, daily-test-improver/coverage-steps
unverified_script_exec	Note	2	copilot-setup-steps.yml (line 17), daily-copilot-token-report (line 298)
github_action_from_unverified_creator_used	Note	2	(1 repo, 2 occurrences)

Actionlint Linting Issues

Issue Type	Count	Affected Workflows	Notes
shellcheck/SC1003	156	28 workflows	Systemic false positive: shellcheck scanning AWF --allow-domains URL lists containing single quotes in domain names
permissions	3	example-permissions-warning.md (1) + 2 copilot-requests	Missing required write permissions
shellcheck/SC2295	1	ci-doctor	Unquoted expansion in pattern context
shellcheck/SC2086	1	Unknown	Unquoted variable

Top Priority Issues

1. artipacked — Credential Persistence via Artifacts (zizmor)

• Tool: zizmor
• Count: 1
• Severity: Medium
• Affected: daily-copilot-token-report
• Location: Line 282 in compiled .lock.yml
• Description: actions/checkout persists GitHub token credentials in .git/config. If the workflow uploads artifacts containing the checkout directory, those credentials can be exfiltrated by anyone with artifact download access.
• Impact: Unauthorized access to repository with the token's permissions
• Reference: (woodruffw.github.io/redacted)

2. unverified_script_exec — curl | bash Execution (poutine)

• Tool: poutine
• Count: 2
• Severity: Note
• Affected: copilot-setup-steps.yml, daily-copilot-token-report
• Description: Workflows execute scripts fetched via curl ... | bash from raw.githubusercontent.com without verification. If the remote URL is compromised or the ref is mutable, malicious code could execute in the workflow.
• Impact: Supply chain compromise via script injection

3. pr_runs_on_self_hosted — PR Workflow on Self-Hosted Runner (poutine)

• Tool: poutine
• Count: 1
• Severity: Warning
• Affected: smoke-copilot-arm (line 278)
• Description: A PR-triggered workflow runs on a self-hosted runner (ubuntu-24.04-arm). Pull requests from forks can run untrusted code on self-hosted infrastructure.
• Impact: Self-hosted runner compromise from malicious PRs

4. Actionlint SC1003 — Systemic False Positive (156 occurrences)

• Tool: actionlint / shellcheck
• Count: 156 across 28 workflows
• Description: Shellcheck incorrectly reports SC1003 (single quote escaping) on AWF --allow-domains arguments containing domain name strings. These are false positives — the strings are double-quoted command arguments, not shell single-quote contexts.
• Impact: None (false positives, not real vulnerabilities)
• Recommendation: Suppress SC1003 in actionlint configuration for AWF command steps, or add # shellcheck disable=SC1003 inline.

Fix Suggestion for artipacked (Credential Persistence via Artifacts)

Issue: actions/checkout persists git credentials in .git/config by default, which can leak via artifact uploads.
Severity: Medium
Affected Workflows: 1 (daily-copilot-token-report.md)

Prompt to Copilot Agent:

You are fixing a security vulnerability identified by zizmor (security scanner for GitHub Actions).

**Vulnerability**: `artipacked` — Credential Persistence via Artifacts
**Rule**: `artipacked` — (woodruffw.github.io/redacted)
**Severity**: Medium

**Current Issue**:
When `actions/checkout` runs, it stores a GitHub token in the repository's `.git/config`
file to allow git operations. If a subsequent step uploads artifacts that include the 
workspace directory (or `.git/`), those persisted credentials can be captured by anyone 
who can download those artifacts.

**Required Fix**:
Add `persist-credentials: false` to the `actions/checkout` step in 
`.github/workflows/daily-copilot-token-report.md`.

Before:
```yaml
- uses: actions/checkout@(sha)
```

After:
```yaml
- uses: actions/checkout@(sha)
  with:
    persist-credentials: false
```

Only apply this if the workflow does not need authenticated git push/pull operations after 
checkout. If git auth is required later, instead ensure artifact upload paths exclude `.git`:

```yaml
- uses: actions/upload-artifact@(sha)
  with:
    path: |
      .
      !.git
```

Please apply the `persist-credentials: false` fix to the `actions/checkout` step in 
`.github/workflows/daily-copilot-token-report.md`.

All Findings Details

Zizmor Detailed Findings

contribution-check — template-injection (Informational, ×3)

• Severity: Informational
• Location: Line 340 in .github/workflows/contribution-check.lock.yml (step: "Write Safe Outputs Config")
• Description: Potential template injection via GitHub Actions expression interpolated into a shell script. If attacker-controlled data reaches the expression, it could inject shell commands.
• Reference: (woodruffw.github.io/redacted)
• Note: Informational severity — review the specific expression to determine if user-controlled data flows to this step.

daily-copilot-token-report — artipacked (Medium, ×1)

• Severity: Medium
• Location: Line 282 in .github/workflows/daily-copilot-token-report.lock.yml
• Description: actions/checkout with default persist-credentials: true (default). Git credentials are stored in .git/config and can be exfiltrated via artifact upload.
• Reference: (woodruffw.github.io/redacted)

Poutine Detailed Findings

smoke-copilot-arm — pr_runs_on_self_hosted (Warning)

• Location: .github/workflows/smoke-copilot-arm.lock.yml:278
• Runner: ubuntu-24.04-arm (self-hosted)
• Description: Workflow triggered by PRs runs on self-hosted runner. Fork PRs can execute untrusted code on self-hosted infrastructure.
• Fix: Use hosted runners for PR workflows, or gate self-hosted runner access with environment protection rules.

daily-perf-improver, daily-test-improver — unpinnable_action (Note, ×2)

• Locations: .github/actions/daily-perf-improver/build-steps/action.yml:1, .github/actions/daily-test-improver/coverage-steps/action.yml:1
• Description: CI components that cannot be pinned to a specific SHA (e.g., Docker actions, local reusable actions without versioning).

copilot-setup-steps, daily-copilot-token-report — unverified_script_exec (Note, ×2)

• Locations: .github/workflows/copilot-setup-steps.yml:17, .github/workflows/daily-copilot-token-report.lock.yml:298
• Description: curl ... | bash execution from raw.githubusercontent.com. Mutable refs (branches) could deliver changed scripts.
• Fix: Pin the curl target to a specific commit SHA, or download, verify checksum, then execute.

Unverified action creator (Note, ×2)

• Description: Actions from GitHub Marketplace creators without verified status are used.
• Fix: Prefer actions from verified or well-known creators, or pin to specific commit SHAs.

Actionlint Affected Workflows (28 total)

All 28 affected workflows have SC1003 false positives from AWF domain list strings:

ci-doctor, copilot-cli-deep-research, daily-compiler-quality, daily-copilot-token-report, daily-doc-updater, daily-file-diet, daily-mcp-concurrency-analysis, daily-syntax-error-quality, daily-testify-uber-super-expert, delight, developer-docs-consolidator, discussion-task-miner, glossary-maintainer, go-fan, go-logger, instructions-janitor, layout-spec-maintainer, prompt-clustering-analysis, semantic-function-refactor, sergo, smoke-copilot-arm, smoke-copilot, step-name-alignment, typist, ubuntu-image-analyzer, unbloat-docs, workflow-skill-extractor, contribution-check

Additionally:

• example-permissions-warning.md: Missing contents: write, issues: write, pull-requests: write
• ci-doctor: SC2295 — unquoted expansion in pattern context (genuine issue)

Historical Trends

Date	Zizmor	Poutine	Actionlint	Total
2026-02-21	11	0	719	730
2026-02-22	0	11	344	355
2026-02-23	0	9	157	166
2026-02-24	0	10	159	169
2026-02-25	4	7	161	172

Observations

• Zizmor findings returned: After 3 days at 0, zizmor found 4 issues today. The artipacked Medium finding in daily-copilot-token-report is new and warrants attention.
• Poutine improved: Down from 10 to 7 findings (-3). Some previously detected supply chain issues have been resolved.
• Actionlint stable: Fluctuating between 157–161 due to SC1003 false positives. The large drop from 719 (Feb 21) to ~157 (Feb 23+) represents significant improvement from prior weeks.
• Compiler warnings stable: Holding at 25 warnings across all scans.

New Issues (vs 2026-02-24)

• zizmor/artipacked (Medium): daily-copilot-token-report — NEW
• zizmor/template-injection (Informational, ×3): contribution-check — NEW
• actionlint/SC2086 (×1) — NEW

Resolved Issues (vs 2026-02-24)

• Poutine findings reduced by 3 (likely unverified_script_exec or github_action_from_unverified_creator_used improvements)

Recommendations

1. Immediate: Fix artipacked in daily-copilot-token-report.md — add persist-credentials: false to the actions/checkout step. This is a Medium severity credential leak risk.
2. Short-term: Review template-injection findings in contribution-check.md — determine if the expressions are user-controlled and sanitize if so.
3. Ongoing: Address unverified_script_exec — pin curl | bash targets to specific commit SHAs rather than branch refs.
4. Maintenance: Add SC1003 suppression to actionlint config for AWF command steps to reduce noise from the 156 systemic false positives.
5. Long-term: Implement environment protection rules on self-hosted runners to prevent fork PR abuse (pr_runs_on_self_hosted).

Next Steps

• Apply persist-credentials: false fix to daily-copilot-token-report.md
• Review template-injection findings in contribution-check.md
• Pin curl | bash script fetches to specific commit SHAs
• Suppress SC1003 false positives in actionlint configuration
• Add environment protection gates to self-hosted runner workflows triggered by PRs

References:

• §22385277662
• [zizmor artipacked audit]((woodruffw.github.io/redacted)
• actionlint shellcheck integration

AI generated by Static Analysis Report

• expires on Feb 26, 2026, 6:42 AM UTC

[pelikhan]

/plan

[github-actions[bot]]

This discussion was automatically closed because it expired on 2026-02-26T06:42:06.267Z.

Closed by Workflow