Skip to content

DYN-10536: Command injection in issue_type_predicter.yml GitHub Actions workflow#17122

Merged
edwin-vasquez-ucaldas merged 7 commits into
masterfrom
DYN-10536_Command_injection_in_Workflow_
May 29, 2026
Merged

DYN-10536: Command injection in issue_type_predicter.yml GitHub Actions workflow#17122
edwin-vasquez-ucaldas merged 7 commits into
masterfrom
DYN-10536_Command_injection_in_Workflow_

Conversation

@edwin-vasquez-ucaldas

Copy link
Copy Markdown
Contributor

Purpose

Received an external security vulnerability report via Autodesk PSIRT, about the #issue_type_predicter.yml GitHub Actions workflow, specifically a command injection risk. This issue highlights that the workflow's current implementation allows untrusted input to be passed directly into shell commands without proper sanitization, potentially enabling attackers to execute arbitrary commands. The ticket emphasizes the need to validate and sanitize all inputs used in shell commands to mitigate this risk. It recommends updating the workflow to use safer practices, such as leveraging parameterized commands or escaping inputs, to ensure the security of the CI/CD pipeline.

Declarations

Check these if you believe they are true

Release Notes

Summary of changes to issue_type_predicter.yml

# Change Why
1 Added top-level permissions: block (issues: write, contents: read). Shrinks GITHUB_TOKEN blast radius if injection is ever reintroduced.
2 Deleted the Remove Quotes step and dropped the frabert/replace-string-action@v2.5 dependency. The action was an insufficient sanitizer (only stripped ", only from body, never from title). Unnecessary once values flow via env:.
3 Run Issues Type Predicter — the actual CVE fix: ${{ env.issue_json_string }} moved into a step-level env: ISSUE_JSON: and the bash script reads "$ISSUE_JSON". Closes CWE-78 in the vulnerable step.
4 Analyze Issue Body / Clean Issue BodyISSUE_BODY / ISSUE_BODY_PARSED now read from github.event.issue.body directly (no longer routed through the deleted Remove Quotes step). Helper PowerShell scripts already read $env:ISSUE_BODY / $env:ISSUE_BODY_PARSED, so bash never sees the value. Safe by construction.
7 Quoted "$GITHUB_ENV" in echo ... >> "$GITHUB_ENV" calls. Shell hygiene; the prior echo "var="$(...)"" triple-quote concatenation was fragile.
8 Backslash paths (.\\.github\\scripts\\...) → forward slashes (./.github/scripts/...). Runner is ubuntu-latest; forward slashes are unambiguous in bash.

Reviewers

@jasonstratton @RobertGlobant20

FYIs

@eamiri

Copilot AI review requested due to automatic review settings May 27, 2026 17:47

@github-actions github-actions Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See the ticket for this pull request: https://jira.autodesk.com/browse/DYN-10536

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Mitigates a command-injection risk in the issue_type_predicter.yml GitHub Actions workflow by preventing untrusted issue content from being interpolated directly into shell commands, and by tightening workflow token permissions.

Changes:

  • Added workflow-level least-privilege permissions (issues: write, contents: read).
  • Removed the quote-stripping step and the frabert/replace-string-action dependency; simplified issue body/title handling.
  • Hardened command invocation by passing the issue JSON via step env and quoting variables; improved gh issue edit argument handling.

Comment on lines +41 to +43
run: |
echo "analysis_response=$(pwsh .\\.github\\scripts\\issue_analyzer.ps1 "${{ env.template }}" "${{ env.acceptable_missing_info }}")" >> $GITHUB_ENV
response=$(pwsh ./.github/scripts/issue_analyzer.ps1 "${{ env.template }}" "${{ env.acceptable_missing_info }}")
echo "analysis_response=$response" >> "$GITHUB_ENV"

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed across all four $GITHUB_ENV writes (analyze, clean, create-json, run-predicter). Used the documented VAR<<DELIM ... DELIM heredoc form with a per-write random delimiter.

run: |
echo "parsed_issue_body="$(pwsh .\\.github\\scripts\\issue_body_cleaner.ps1 )"" >> $GITHUB_ENV
parsed=$(pwsh ./.github/scripts/issue_body_cleaner.ps1)
echo "parsed_issue_body=$parsed" >> "$GITHUB_ENV"

@edwin-vasquez-ucaldas edwin-vasquez-ucaldas May 27, 2026

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed across all four $GITHUB_ENV writes (analyze, clean, create-json, run-predicter). Used the documented VAR<<DELIM ... DELIM heredoc form with a per-write random delimiter.

@RobertGlobant20 RobertGlobant20 left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just one comment for testing this changes in your own repo

Comment thread .github/workflows/issue_type_predicter.yml

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 1 out of 1 changed files in this pull request and generated 2 comments.

Comment thread .github/workflows/issue_type_predicter.yml Outdated
Comment thread .github/workflows/issue_type_predicter.yml
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
@sonarqubecloud

Copy link
Copy Markdown

@jasonstratton jasonstratton left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it looks good. I just would like Ashish's opinion on the potential for security risk.

Comment thread .github/workflows/issue_type_predicter.yml
@jasonstratton jasonstratton requested a review from zeusongit May 28, 2026 03:11
@zeusongit

Copy link
Copy Markdown
Contributor

One comment, that matches what @RobertGlobant20 already flagged.

@edwin-vasquez-ucaldas

Copy link
Copy Markdown
Contributor Author

Finally I was able to test all the flow into my own Repository:

  • Both (before fix / after fix) "Issue Type Predicter" github actions runs to completion without error are passing
image
  • After fix No outbound DNS/HTTP hit to the OAST endpoint.
image

@RobertGlobant20 RobertGlobant20 self-requested a review May 28, 2026 20:47

@RobertGlobant20 RobertGlobant20 left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM just re-execute the DynamoSelfServe job and update your branch

@edwin-vasquez-ucaldas edwin-vasquez-ucaldas merged commit 94568f5 into master May 29, 2026
29 checks passed
@edwin-vasquez-ucaldas edwin-vasquez-ucaldas deleted the DYN-10536_Command_injection_in_Workflow_ branch May 29, 2026 17:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

5 participants