Security Policy Alert: Runner Label Policy Violation

This workflow run has been blocked by StepSecurity's runner label policy because it uses runner labels that are not allowed by your organization's policy.

Disallowed Runner Labels:

• ubuntu-latest

To fix this issue, please modify the runs-on field in your workflow to use only allowed runner labels. Contact your organization administrator if you need further assistance.

For more information, see StepSecurity's Runner Label Policy documentation.

Security Policy Alert: Runner Label Policy Violation

This workflow run has been blocked by StepSecurity's runner label policy because it uses runner labels that are not allowed by your organization's policy.

Disallowed Runner Labels:

• ubuntu-latest

To fix this issue, please modify the runs-on field in your workflow to use only allowed runner labels. Contact your organization administrator if you need further assistance.

For more information, see StepSecurity's Runner Label Policy documentation.

Security Policy Alert: Secret Policy Violation

This workflow run has been blocked by StepSecurity's secrets policy because it accesses secrets and the workflow file differs from the default branch.

Secret references detected:

• secrets.AST_RND_SCANS_BASE_URI at line 20
• secrets.AST_RND_SCANS_TENANT at line 21
• secrets.AST_RND_SCANS_CLIENT_ID at line 22
• secrets.AST_RND_SCANS_CLIENT_SECRET at line 23
• secrets.CXONE_SCAN_WEBHOOK_URL at line 40
• secrets.teams_webhook_url in .github/workflows/cxone-scan-teams-notify.yml:123

To approve this workflow, please add the workflows-approved label to this PR.

Note: The label must be added by someone other than the PR author (cx-aniket-shinde) or automation bots to ensure proper security review.

After the label is added, you can re-run the blocked workflow to proceed.

This workflow will be automatically approved once merged into the default branch.

For more information, see StepSecurity's Secret Exfiltration Policy documentation.

Security Policy Alert: Secret Policy Violation

This workflow run has been blocked by StepSecurity's secrets policy because it accesses secrets and the workflow file differs from the default branch.

Secret references detected:

• secrets.GITHUB_TOKEN at line 19

To approve this workflow, please add the workflows-approved label to this PR.

Note: The label must be added by someone other than the PR author (cx-aniket-shinde) or automation bots to ensure proper security review.

After the label is added, you can re-run the blocked workflow to proceed.

This workflow will be automatically approved once merged into the default branch.

For more information, see StepSecurity's Secret Exfiltration Policy documentation.

Security Policy Alert: Secret Policy Violation

This workflow run has been blocked by StepSecurity's secrets policy because it accesses secrets and the workflow file differs from the default branch.

Secret references detected:

• secrets.CX_BASE_URI at line 28
• secrets.CX_TENANT at line 29
• secrets.CX_APIKEY at line 30
• secrets.CX_TEST_SCAN at line 31

To approve this workflow, please add the workflows-approved label to this PR.

Note: The label must be added by someone other than the PR author (cx-aniket-shinde) or automation bots to ensure proper security review.

After the label is added, you can re-run the blocked workflow to proceed.

This workflow will be automatically approved once merged into the default branch.

For more information, see StepSecurity's Secret Exfiltration Policy documentation.

Security Policy Alert: Actions Policy Violation

This workflow run has been blocked by StepSecurity's actions policy.

Disallowed Actions:

• timonvs/pr-labeler-action@8b99f404a073744885d8021d1de4e40c6eaf38e2

To fix this issue, please modify the workflow to use only allowed actions. Contact your organization administrator to request changes to the allowed actions list if needed.

For more information, see StepSecurity's Actions Policy documentation.