
Rule Reference

SEC328 | lintai-ai-security | preview | github_workflow | warn

GitHub Actions: write-capable third-party action

GitHub Actions workflow combines explicit write-capable permissions with a third-party action

Provider: lintai-ai-security
Surface: github_workflow
Scope: per_file
Tier: preview
Severity: warn
Confidence: high
Detection: structural
Remediation: message_only

Activation Model

Preset Membership

This rule is part of the built-in activation graph through these preset memberships.

Lifecycle

Preview Lifecycle Contract

State

preview_blocked

Promotion blocker

Write-capable token scopes and third-party action usage are compositional and need more corpus-backed precision review before a stable launch.

Promotion requirements

Needs corpus-backed precision review, external usefulness evidence, and completed stable checklist metadata.

Canonical note

Structural preview rule; deterministic today, but the preview contract may still evolve.

Nearby Signals

Related Rules

Why It Matters

SEC328 flags GitHub Actions workflows that combine explicit write-capable token permissions with a third-party action.

This is a compositional hardening rule: the risk comes from the combination, not from either ingredient alone. A third-party action with write-capable token scopes deserves more review than the same action under read-only permissions.

What Triggers

SEC328 applies to semantically valid GitHub Actions workflow YAML and triggers when all of the following hold:

  • the workflow grants explicit write-capable permissions, such as contents: write
  • a job uses a third-party action
  • the action reference is still third-party, even when it is pinned to a full commit SHA (pinning does not exempt it)

Example that triggers:

```yaml
permissions:
  contents: write
jobs:
  build:
    steps:
      - uses: docker/login-action@0123456789abcdef0123456789abcdef01234567
```

Example that stays clean:

```yaml
permissions:
  contents: read
jobs:
  build:
    steps:
      - uses: docker/login-action@0123456789abcdef0123456789abcdef01234567
```
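The structural check described above, as an added illustration rather than the rule's actual implementation: it walks an already-parsed workflow (loaded with any YAML parser into plain dicts) and reports every third-party step in a job whose effective token permissions are write-capable. The set of owners treated as first-party (`actions`, `github`) and the exemption of local and `docker://` references are assumptions of this example, not something the rule page defines.

```python
"""Toy re-implementation of the SEC328 check over an already-parsed workflow.

Assumption: the workflow YAML has been loaded into plain dicts (e.g. with
yaml.safe_load). The first-party owner list below is an assumption too.
"""
FIRST_PARTY_OWNERS = {"actions", "github"}  # assumption: owners not counted as third-party

def write_scopes(permissions):
    """Return the scopes a `permissions` value grants write access to."""
    if permissions is None:
        return set()
    if isinstance(permissions, str):  # shorthand forms: write-all / read-all
        return {"write-all"} if permissions == "write-all" else set()
    return {scope for scope, level in permissions.items() if level == "write"}

def is_third_party(uses):
    """True for owner/repo@ref references outside FIRST_PARTY_OWNERS.
    Local actions (./path) and docker:// images are not repository references."""
    if uses.startswith("./") or uses.startswith("docker://"):
        return False
    owner = uses.split("/", 1)[0]
    return owner not in FIRST_PARTY_OWNERS

def sec328_findings(workflow):
    """Return (job, uses, write scopes) for every third-party step in a job that
    holds explicit write-capable scopes. Job-level `permissions` replace the
    workflow-level block entirely, matching GitHub Actions semantics."""
    findings = []
    top_level = workflow.get("permissions")
    for job_name, job in (workflow.get("jobs") or {}).items():
        scopes = write_scopes(job.get("permissions", top_level))
        if not scopes:
            continue
        for step in job.get("steps") or []:
            uses = step.get("uses")
            if uses and is_third_party(uses):
                findings.append((job_name, uses, sorted(scopes)))
    return findings

# Constructed samples mirroring the page's two examples, plus a job-level override.
SHA = "0123456789abcdef0123456789abcdef01234567"
TRIGGERS = {"permissions": {"contents": "write"},
            "jobs": {"build": {"steps": [{"uses": f"docker/login-action@{SHA}"}]}}}
CLEAN = {"permissions": {"contents": "read"},
         "jobs": {"build": {"steps": [{"uses": f"docker/login-action@{SHA}"}]}}}
JOB_OVERRIDE = {"permissions": {"contents": "write"},
                "jobs": {"build": {"permissions": {"contents": "read"},
                                   "steps": [{"uses": f"docker/login-action@{SHA}"}]},
                         "release": {"steps": [{"uses": "actions/checkout@v4"},
                                               {"uses": f"docker/login-action@{SHA}"}]}}}
```

Running `sec328_findings` over `JOB_OVERRIDE` shows why per-job evaluation matters: the `build` job is silenced by its read-only override while `release` inherits `contents: write` and is reported.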

False Positives

This rule stays Preview because it is intentionally compositional. Some workflows really do need write-capable permissions and vetted third-party actions, but the combination is still important enough to review explicitly before it graduates to a stronger posture.

Remediation

Reduce permissions to the minimum required, replace the third-party action with a safer trusted alternative when possible, or isolate the write-capable step so the broader workflow does not hand write authority to unnecessary third-party logic.