lintai docs

Appearance

Rule Reference

SEC325lintai-ai-securitypreviewgithub_workflowwarn

GitHub Actions: untrusted expression in run

GitHub Actions workflow interpolates untrusted expression data directly inside a run command

Provider
lintai-ai-security
Surface
github_workflow
Scope
per_file
Tier
preview
Severity
warn
Confidence
high
Detection
structural
Remediation
message_only

Activation Model

Preset Membership

This rule is part of the builtin activation graph through these preset memberships.

supply-chainmembership

Lifecycle

Preview Lifecycle Contract

State

preview_blocked

Promotion blocker

Shell safety depends on how the interpolated expression is consumed inside the run command.

Promotion requirements

Needs corpus-backed precision review, external usefulness evidence, and completed stable checklist metadata.

Canonical note

Structural preview rule; deterministic today, but the preview contract may still evolve.

Nearby Signals

Related Rules

SEC328GitHub Actions: write-capable third-party actionGitHub Actions workflow combines explicit write-capable permissions with a third-party actiongithub_workflowpreview
SEC324GitHub Actions: unpinned third-party actionGitHub Actions workflow uses a third-party action that is not pinned to a full commit SHAgithub_workflowstable
SEC326GitHub Actions: pull_request_target checkoutGitHub Actions pull_request_target workflow checks out untrusted pull request head contentgithub_workflowstable
SEC327GitHub Actions: write-all tokenGitHub Actions workflow grants GITHUB_TOKEN write-all permissionsgithub_workflowstable

Why It Matters

Directly interpolating untrusted expression data into a shell run: step can turn workflow inputs or event data into shell syntax. The risk depends on how the value is consumed, which is why this rule stays preview even though the trigger is structural.

What Triggers

SEC325 applies to semantically confirmed GitHub Actions workflow YAML and triggers when:

  • a run: command directly embeds untrusted expression data such as ${{ inputs.* }} or event payload values
  • and the expression is used inline in the shell command rather than first being assigned into a safer indirection path

Example that triggers:

yaml
- run: echo ${{ inputs.version }}

Example that stays clean:

yaml
- run: VERSION=${{ inputs.version }}

False Positives

This rule stays Preview because shell safety depends on how the interpolated value is ultimately consumed. The signal is still useful because direct inline interpolation is a high-risk composition pattern in CI.

Remediation

Avoid interpolating untrusted expression data directly inside run: commands. Route the value through validated environment handling or a safer non-shell boundary first.