stacklok / toolhive / 22778464265

06 Mar 2026 07:21PM UTC coverage: 63.941% (+0.01%) from 63.927%
push

github

web-flow
Harden CI workflows against prompt injection and supply chain attacks (#4034)

Apply security hardening to GitHub Actions workflows based on an audit
informed by the Clinejection and hackerbot-claw attack patterns:

- claude.yml: Add author_association checks to block untrusted users from
  invoking the AI agent, and restrict allowed_tools to prevent arbitrary
  shell execution via prompt injection
- issue-triage.yml: Remove Bash tool access (replaced with MCP GitHub
  tool for label listing), add prompt injection defense instruction
- CODEOWNERS: Protect CLAUDE.md, .claude/ skills, agents, and rules
  from unauthorized modification (poisoned system prompt vector)
- security-scan.yml: Pin codeql-action and govulncheck-action to SHA
  hashes (were using unpinned tag references)
- releaser.yml: Disable Go module cache for release builds to prevent
  cache poisoning attacks
- pr-size-labeler.yml: Move expression interpolation to env variable
  to prevent injection in github-script context
- image-build-and-publish.yml: Reduce permissions from contents:write
  to contents:read (no git write operations are performed)

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

47302 of 73977 relevant lines covered (63.94%)

75.84 hits per line

Source File
79.79
/pkg/transport/proxy/httpsse/http_proxy.go
