test: trigger Brin PR scanner

[homanp]

Summary

• Adds an intentionally unsafe GitHub Actions workflow fixture to trigger the Brin PR scanner.
• This PR is for scanner validation only and should not be merged.

Test plan

• Confirm the Brin GitHub App receives the PR webhook.
• Confirm the PR scan flags the workflow with actionable CI/CD findings.
• Close this PR after validation.

[superagent-security]

Brin PR Security Scan

This PR has suspicious changes that should be reviewed before merge.

[CRITICAL] Privileged pull_request_target workflow is triggerable by fork PRs

• Category: CI/CD
• Location: .github/workflows/brin-security-scanner-test.yml:5
• Evidence: Added workflow uses on: pull_request_target for opened and synchronize PR events. The same job checks out PR head code and interpolates PR-controlled metadata while running with elevated token permissions, placing fork-PR-controlled input in a privileged workflow context.
• Recommended fix: Do not merge this workflow. Replace pull_request_target with pull_request for PR testing and use minimal/read-only permissions, or split into an unprivileged PR workflow and a separate privileged workflow that consumes only strictly validated data and never checks out or executes PR-controlled content.

[CRITICAL] GITHUB_TOKEN grants write-all permissions in a privileged PR workflow

• Category: CI/CD
• Location: .github/workflows/brin-security-scanner-test.yml:8
• Evidence: The added workflow declares permissions: write-all. Combined with pull_request_target, this gives a PR-triggerable workflow a repository write-capable token; any successful command execution can modify repository resources depending on enabled scopes.
• Recommended fix: Remove permissions: write-all. Set top-level permissions to none, then grant only the exact permissions needed per job, for example permissions: {} or job-level contents: read for read-only checkout.

[CRITICAL] Action is pinned to a mutable branch

• Category: CI/CD
• Location: .github/workflows/brin-security-scanner-test.yml:15
• Evidence: The checkout step uses uses: actions/checkout@main. Branch references are mutable, so future changes to the action branch would automatically execute in this privileged workflow.
• Recommended fix: Pin the action to a full 40-character commit SHA for the intended release and include a version comment, for example uses: actions/checkout@<40-character-commit-sha> # v4.x.x. Do not pin privileged workflows to branches or mutable tags.

[CRITICAL] Privileged workflow checks out untrusted PR head code

• Category: CI/CD
• Location: .github/workflows/brin-security-scanner-test.yml:17
• Evidence: Inside the pull_request_target workflow, the checkout step sets ref: ${{ github.event.pull_request.head.sha }}. A PR author controls that commit, so attacker-controlled code is placed in a workflow running in the base repository context with write-all token permissions.
• Recommended fix: Never check out PR head code in pull_request_target. Run PR code under the pull_request trigger with minimal permissions. If base-repo metadata processing is needed, check out only trusted base repository code and treat all PR fields as untrusted.

[CRITICAL] PR title is directly interpolated into a shell command

• Category: CI/CD
• Location: .github/workflows/brin-security-scanner-test.yml:20
• Evidence: The run step contains run: echo "PR title: ${{ github.event.pull_request.title }}". A PR author controls the title, and GitHub expression interpolation occurs before shell execution, allowing a crafted title to alter or inject shell commands in a privileged workflow context.
• Recommended fix: Do not interpolate PR-controlled expressions directly into run: scripts. Pass the value through an environment variable and quote it in the shell, for example env: { PR_TITLE: '${{ github.event.pull_request.title }}' } with run: echo "PR title: $PR_TITLE"; also move this logic to an unprivileged pull_request workflow or remove write permissions.

[MEDIUM] Checkout persists workflow credentials by default

• Category: CI/CD
• Location: .github/workflows/brin-security-scanner-test.yml:15
• Evidence: The actions/checkout step does not set persist-credentials: false, so checkout will persist the workflow token in local git configuration by default. In this workflow that token is write-capable due to permissions: write-all.
• Recommended fix: Set persist-credentials: false unless the job explicitly needs to push to the repository. If pushing is required, isolate it into a separate trusted job with the narrowest possible write permission.

_{Analyzed by Brin}