Guard issue auto-answer workflow against untrusted triggering via author_association (#5841)

Copilot · trwalke · bgavrilMS · commit e3f334c0158e · 2026-03-19T20:27:23.000Z
* Initial plan

* Guard workflow against untrusted triggering using author_association

Co-authored-by: trwalke &lt;30090357+trwalke@users.noreply.github.com&gt;

* Add COLLABORATOR and CONTRIBUTOR to author_association guard

Co-authored-by: trwalke &lt;30090357+trwalke@users.noreply.github.com&gt;

---------

Co-authored-by: copilot-swe-agent[bot] &lt;198982749+Copilot@users.noreply.github.com&gt;
Co-authored-by: trwalke &lt;30090357+trwalke@users.noreply.github.com&gt;
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -11,8 +11,15 @@ permissions:
 jobs:
   answer-issue:
     runs-on: ubuntu-latest
-    # Optional: only run for issues with a specific label
-    # if: contains(github.event.issue.labels.*.name, 'question')
+    # Only run for issues created by org members or owners (i.e., Microsoft Open Source enterprise members).
+    # github.event.issue.author_association is set by GitHub based on the issue author's relationship
+    # to this repository. MEMBER = org member, OWNER = repo/org owner. This prevents untrusted
+    # external contributors from triggering the OpenAI-backed responder and consuming secrets/tokens.
+    if: |
+      github.event.issue.author_association == 'MEMBER' ||
+      github.event.issue.author_association == 'OWNER' ||
+      github.event.issue.author_association == 'COLLABORATOR' ||
+      github.event.issue.author_association == 'CONTRIBUTOR'
     steps:
       - name: Checkout repository
         uses: actions/checkout@v4
