lintai docs

Appearance

Rule Reference

SEC327lintai-ai-securitysupply-chainhardeningstablegithub_workflowwarn

GitHub Actions: write-all token

GitHub Actions workflow grants GITHUB_TOKEN write-all permissions

Public lane
supply-chain
Category
hardening
Provider
lintai-ai-security
Scope
per-file
Surface
github_workflow
Tier
stable
Severity
warn
Confidence
high
Detection
structural
Remediation
message only
How to read this lane

Reproducibility, provenance, and dependency hardening review.

How to read this category

Least-privilege, provenance, or operational hygiene signal.

Activation Model

Preset Activation

These presets explain where this rule appears in the product experience.

supply-chainsidecar lane

Lifecycle

Stable Lifecycle Contract

State

stable

Graduation rationale

Checks workflow permissions for the explicit write-all shortcut, which exceeds least-privilege guidance for GITHUB_TOKEN.

Deterministic signal basis

GithubWorkflowSignals line-level permissions extraction for semantically confirmed workflow YAML.

Malicious corpus
github-workflow-write-all-permissions
Benign corpus
github-workflow-read-only-permissions
structured evidence required remediation reviewed
Canonical note

Structural stable rule positioned as a supply-chain hardening control: high-precision and actionable, but not a blanket claim of direct repository compromise.

Nearby Signals

Related Rules

SEC324GitHub Actions: unpinned third-party actionGitHub Actions workflow uses a third-party action that is not pinned to a full commit SHAsupply-chainhardeninggithub_workflow
SEC326GitHub Actions: pull_request_target checkoutGitHub Actions pull_request_target workflow checks out untrusted pull request head contentsupply-chainhardeninggithub_workflow
SEC325GitHub Actions: untrusted expression in runGitHub Actions workflow interpolates untrusted expression data directly inside a run commandsupply-chainhardeninggithub_workflow
SEC328GitHub Actions: write-capable third-party actionGitHub Actions workflow combines explicit write-capable permissions with a third-party actionsupply-chainhardeninggithub_workflow

Why It Matters

permissions: write-all grants the workflow a very broad token surface by default. That weakens least privilege and increases the blast radius of any compromised step or third-party action.

What Triggers

SEC327 applies to semantically confirmed GitHub Actions workflow YAML and triggers when the workflow sets:

yaml
permissions: write-all

Example that stays clean:

yaml
permissions:
  contents: read

False Positives

This is a structural least-privilege rule rather than a claim that the workflow is already exploited. Teams may intentionally allow broad write scopes, but the finding remains useful because write-all is an explicit shortcut away from reviewable minimal permissions.

Remediation

Replace write-all with the minimal explicit permissions the workflow actually needs.