One attack vector Sysdig investigated involved GitHub Actions workflows that trigger on the pull_request_target event. According to Sysdig, this attack vector exposes repository secrets and a GitHub token with write permissions to the repository. Because the Action executes in the context of the base repository, not the fork that opened the pull request, a workflow implemented without safeguards can lead to complete repository takeover.
“As we analyzed the results, we were surprised by the number of vulnerable pull_request_target
workflows we discovered,” the researchers wrote. “You might assume these were limited to obscure or inactive repositories, but that wasn’t the case. We found several high-profile projects with tens of thousands of stars still using insecure configurations.”
GitHub Actions attacks get real
GitHub Actions is a CI/CD (continuous integration and continuous delivery) service that enables developers to automate software builds and tests by setting up workflows that trigger when specified events occur, such as when new code is committed to the repository. The workflows, called Actions, are instructions packaged in a .yml file that execute inside virtual containers, usually on GitHub’s infrastructure, and return compiled binaries, test results, logs, and so on.