Matin/ Add Claude code review workflows and documentation #293
Conversation
matin-deriv
commented
Dec 29, 2025
matin-deriv
commented
- Claude code review
- Claude.md file
- Security NCLC Reviews
matin-deriv
requested review from
ahmed-deriv,
mayuran-deriv and
nijil-deriv
as code owners
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
Dependency Review✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.OpenSSF Scorecard
Scanned Manifest Files.github/workflows/security-nclc-review.yml
|
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
|
|
||
| steps: | ||
| - name: Verify user | ||
| uses: 'deriv-com/shared-actions/.github/actions/verify_user_in_organization@v3' |
Check warning
Code scanning / CodeQL
Unpinned tag for a non-immutable Action in workflow Medium
| - name: Checkout PR head | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| repository: ${{ github.event.pull_request.head.repo.full_name }} | ||
| ref: ${{ github.event.pull_request.head.ref }} | ||
| fetch-depth: 20 | ||
| token: ${{ secrets.GITHUB_TOKEN }} | ||
|
|
||
| # Sanity check (helps diagnose if anything goes wrong) | ||
| - name: Verify git workspace |
Check warning
Code scanning / CodeQL
Checkout of untrusted code in trusted context Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 3 days ago
In general, the fix is to avoid checking out and operating on the untrusted PR HEAD in a privileged context. For a review bot like this, the Claude action can work from the base repository combined with GitHub’s pull request metadata, without needing to execute code from the PR checkout. So the best fix is to stop checking out the PR head repository/ref, and instead either (a) check out the base repository on the merge commit / base ref, or (b) remove the checkout entirely if the Claude action does not require a local working tree.
The minimal change that preserves functionality while removing the unsafe pattern is:
- Replace the “Checkout PR head” step with a standard checkout of the current repository using the default behavior of
actions/checkout@v4. This gives the action read‑only access to the base repo as seen by the workflow, not to attacker‑controlled fork code. - Keep the rest of the workflow unchanged so that permissions, tokens, and the Claude action invocation continue to work as before.
Concretely, in .github/workflows/claude.yml, lines 35–41 (the Checkout PR head step) should be replaced by a safer checkout:
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 20No new imports or methods are needed; this is purely a workflow configuration change within that file.
| @@ -31,14 +31,11 @@ | ||
| username: ${{ github.event.pull_request.user.login }} | ||
| token: ${{ secrets.PERSONAL_ACCESS_TOKEN }} | ||
|
|
||
| # Ensure we have a real git repo at the PR HEAD (works for forks) | ||
| - name: Checkout PR head | ||
| # Checkout the repository in a safe context (do not use untrusted PR HEAD) | ||
| - name: Checkout repository | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| repository: ${{ github.event.pull_request.head.repo.full_name }} | ||
| ref: ${{ github.event.pull_request.head.ref }} | ||
| fetch-depth: 20 | ||
| token: ${{ secrets.GITHUB_TOKEN }} | ||
|
|
||
| # Sanity check (helps diagnose if anything goes wrong) | ||
| - name: Verify git workspace |
| git log -1 --oneline | ||
|
|
||
| - name: Run Claude Code Action | ||
| uses: anthropics/claude-code-action@v1 |
Check warning
Code scanning / CodeQL
Unpinned tag for a non-immutable Action in workflow Medium
