
Rule Reference


GitHub Actions: write-capable third-party action

GitHub Actions workflow combines explicit write-capable permissions with a third-party action

Public lane: supply-chain
Category: hardening
Provider: lintai-ai-security
Scope: per-file
Surface: github_workflow
Tier: preview
Severity: warn
Confidence: high
Detection: structural
Remediation: message only
How to read this lane

Reproducibility, provenance, and dependency hardening review.

How to read this category

Least-privilege, provenance, or operational hygiene signal.

Lifecycle

Preview Lifecycle Contract

State: preview

Promotion blocker: Write-capable token scopes and third-party action usage are compositional and need more corpus-backed precision review before a stable launch.

Promotion requirements: Needs corpus-backed precision review, external usefulness evidence, and completed stable checklist metadata.

Canonical note: Structural preview rule; deterministic today, but the preview contract may still evolve.

Why It Matters

SEC328 flags GitHub Actions workflows that combine explicit write-capable token permissions with a third-party action.

This is a compositional hardening rule: the risk comes from the combination, not from either ingredient alone. A third-party action with write-capable token scopes deserves more review than the same action under read-only permissions.

What Triggers

SEC328 applies to semantically valid GitHub Actions workflow YAML and triggers when:

  • the workflow grants explicit write-capable permissions such as contents: write
  • a job uses a third-party action
  • the action reference is third-party regardless of how it is pinned: pinning to a full SHA makes the reference reproducible but does not make it first-party

Example that triggers:

```yaml
permissions:
  contents: write
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      # Third-party action under a write-capable token: SEC328 fires
      - uses: docker/login-action@0123456789abcdef0123456789abcdef01234567
```

Example that stays clean:

```yaml
permissions:
  contents: read
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      # Same third-party action, read-only token: no finding
      - uses: docker/login-action@0123456789abcdef0123456789abcdef01234567
```

False Positives

This rule stays Preview because it is intentionally compositional. Some workflows really do need write-capable permissions and vetted third-party actions, but the combination is still important enough to review explicitly before it graduates to a stronger posture.

Remediation

Reduce permissions to the minimum required, replace the third-party action with a safer trusted alternative when possible, or isolate the write-capable step so the broader workflow does not hand write authority to unnecessary third-party logic.
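As an added example (not the lintai-ai-security implementation, whose detection code is not shown on this page), the checker below applies the trigger conditions from "What Triggers" to parsed workflows and also shows the "isolate the write-capable step" remediation passing. Two details go beyond what the page states and are assumptions of this example: actions owned by `actions/` or `github/` are treated as first-party and everything else as third-party, and a job-level `permissions:` block is taken to replace the workflow-level one for that job. The workflow mappings are embedded as the Python structures `yaml.safe_load()` returns for the YAML above, so PyYAML is not required to run it; the SHAs are the page's placeholder value, not real commits.

```python
"""SEC328-style structural check over parsed GitHub Actions workflows."""
from __future__ import annotations

from typing import Any

# Assumption for this example: only these owners count as first-party.
# A full-SHA pin on any other owner is still a third-party reference.
FIRST_PARTY_OWNERS = {"actions", "github"}


def is_write_capable(permissions: Any) -> bool:
    """True when an explicit permissions block grants any write scope.

    `write-all` is the shorthand form; a mapping is checked scope by scope
    (contents: write, pull-requests: write, ...). A missing block is not an
    explicit grant, so it returns False.
    """
    if isinstance(permissions, str):
        return permissions == "write-all"
    if isinstance(permissions, dict):
        return any(value == "write" for value in permissions.values())
    return False


def is_third_party(uses: str) -> bool:
    """Classify a `uses:` reference; local paths and docker:// images are
    not marketplace actions, and owner/repo@ref is first-party only for
    the owners listed above (an assumption of this example)."""
    if uses.startswith("./") or uses.startswith("docker://"):
        return False
    owner = uses.split("/", 1)[0]
    return owner not in FIRST_PARTY_OWNERS


def sec328_findings(workflow: dict) -> list[dict]:
    """Return one finding per third-party step that runs under a
    write-capable token. Job-level permissions override the workflow
    block (assumption); otherwise the workflow block applies."""
    top_level = workflow.get("permissions")
    findings: list[dict] = []
    for job_id, job in (workflow.get("jobs") or {}).items():
        effective = job.get("permissions", top_level)
        if not is_write_capable(effective):
            continue
        for step in job.get("steps") or []:
            uses = step.get("uses")
            if uses and is_third_party(uses):
                findings.append(
                    {"job": job_id, "uses": uses, "permissions": effective}
                )
    return findings


# Constructed samples: the parsed form of the two workflows on the page
# plus the isolated-write remediation. SHA is the page's placeholder.
SHA = "0123456789abcdef0123456789abcdef01234567"
THIRD_PARTY_STEP = {"uses": f"docker/login-action@{SHA}"}

TRIGGERING_WORKFLOW = {
    "permissions": {"contents": "write"},
    "jobs": {"build": {"runs-on": "ubuntu-latest",
                       "steps": [THIRD_PARTY_STEP]}},
}

CLEAN_WORKFLOW = {
    "permissions": {"contents": "read"},
    "jobs": {"build": {"runs-on": "ubuntu-latest",
                       "steps": [THIRD_PARTY_STEP]}},
}

# Remediation: read-only default, write authority confined to a job that
# runs only first-party steps, third-party logic stays under read-only.
ISOLATED_WRITE_WORKFLOW = {
    "permissions": {"contents": "read"},
    "jobs": {
        "build": {"runs-on": "ubuntu-latest", "steps": [THIRD_PARTY_STEP]},
        "release": {
            "runs-on": "ubuntu-latest",
            "permissions": {"contents": "write"},
            "steps": [{"uses": f"actions/checkout@{SHA}"},
                      {"run": "./scripts/publish.sh"}],
        },
    },
}

if __name__ == "__main__":
    for name, wf in [("triggering", TRIGGERING_WORKFLOW),
                     ("clean", CLEAN_WORKFLOW),
                     ("isolated", ISOLATED_WRITE_WORKFLOW)]:
        print(name, sec328_findings(wf))
```

Running the file prints one finding for the triggering workflow (job `build`, the `docker/login-action` reference) and an empty list for the other two. The isolated sample is the shape the remediation text describes: the default token stays read-only, and the one job that needs `contents: write` contains no third-party step, so the write scope never reaches third-party logic.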