Skip to content

[static-analysis] Report - 2026-07-05 #43477

Description

@github-actions

🔍 Static Analysis Report - 2026-07-05

Analysis Summary

  • Tools: zizmor (security), poutine (supply chain), actionlint (lint), runner-guard (taint)
  • Total Findings: 947 · Workflows Scanned: 258
  • Workflows Affected (distinct): zizmor 198 · poutine 11 · actionlint 30 · runner-guard 17
Tool Total Crit High Med Low Info
zizmor 552 0 0 0 291 261
poutine 22 0 10 err 1 warn 11 note
actionlint 40 40 err
runner-guard 333 0 322 11 0 0

Posture: stable. 947 vs 948 yesterday (−1). No new rule classes. Every high-severity runner-guard finding maps to a rule class already triaged & closed in prior runs (see below).

Clustered Findings

Zizmor (all Informational/Low, no High/Med/Crit — artifacts of generated lock files):

Type Severity Count
template-injection Info 260 / Low 4 264
adhoc-packages Low 257
obfuscation Low 30
superfluous-actions Info 1

Poutine:

Type Sev Count Workflows
untrusted_checkout_exec error 10 smoke-workflow-call*.lock.yml (all # poutine:ignore, trusted generated scripts)
github_action_from_unverified_creator_used note 8 safedep/pmg, super-linter, astral-sh/setup-uv, actions-ecosystem/action-add-labels, gaurav-nelson/...markdown-link-check (SHA-pinned)
unverified_script_exec note 3 daily-byok-ollama-test, smoke-codex, copilot-setup-steps
pr_runs_on_self_hosted warning 1 smoke-copilot-arm.lock.yml

Actionlint (30 workflows): shellcheck 37 (SC2016×21, SC2038×6, SC2086×5, SC2034×2, SC2188/SC2129/SC2005 ×1); expression 3 → all skillet.lock.yml needs.pre_activation undefined.

Runner-Guard (score/grade line not emitted this run):

Rule Name Sev Count Workflows
RGS-004 Comment-Triggered Workflow w/o Author Auth Check high 305 q (122), dev-hawk (93), ai-moderator (90)
RGS-012 Secret Exfiltration via Outbound HTTP high 11 daily-model-inventory (4), daily-byok-ollama-test (3), visual-regression-checker (2), docs-noob-tester, daily-multi-device-docs-tester
RGS-018 Suspicious Payload Execution Pattern high 6 smoke-codex, smoke-claude, daily-sentrux-report, daily-cli-performance, daily-byok-ollama-test, copilot-setup-steps.yml
RGS-005 Excessive Permissions on Untrusted Trigger med 8 ai-moderator (4), q (3), agentic_commands.yml
RGS-019 Step Output Interpolated in run Block med 2 windows-cli-integration.yml, error-message-lint.yml
RGS-007 Unpinned Third-Party Action med 1 publish-safe-outputs-node.yml

Runner-Guard Analysis & Dedup Decision

Issues created this run: none. All high-severity findings belong to rule classes already filed and closed previously:

Per #31043 ("RGS-* issues recreated daily after closure") — the maintainer guidance this workflow's dedup implements — refiling an identical rule ID under only a different filename is the duplicate anti-pattern. No matching issue is currently open, so nothing is refiled. Medium findings are below the create-issue threshold.

Top Actionable Issue — skillet.lock.yml actionlint expression error

  • Lines 1385/1411/1882: needs.pre_activation.* referenced but pre_activation is not a member of needs (valid: activation, agent, detection, safe_outputs).
  • Impact: reference to a non-existent job output evaluates empty at runtime → can silently disable a gate. This is a real source defect, unlike the taint FPs. Fix: correct the renamed/removed job reference in skillet.md source and recompile.

Fix Suggestion — actionlint SC2016 (most common lint, 21×)

Issue: SC2016: Expressions don't expand in single quotes — a $VAR/${...} token sits inside single quotes where expansion was likely intended. Fix in the source .md/generator, never the .lock.yml.

Prompt to Copilot Agent:

Fix a shellcheck SC2016 finding in a gh-aw generated workflow. Edit the SOURCE .md
(or the generator step emitting the snippet), not the .lock.yml.
Rule SC2016: https://github.com/rhysd/actionlint/blob/main/docs/checks.md#check-shellcheck-integ

A run: block has `$X`/`${X}` inside SINGLE quotes, so it is emitted literally instead of
expanding. Choose per intent:
1. Value should expand  -> change the surrounding quotes to double quotes.
2. Literal $... intended (jq/awk program, placeholder) -> keep single quotes and add
   `# shellcheck disable=SC2016` on the line above to make intent explicit.

Before:  run: echo 'total is $TOTAL'
After:   run: echo "total is $TOTAL"      # expansion intended
Or:      run: |
           # shellcheck disable=SC2016
           jq '.data | $count' file.json  # literal intended

Recompile with gh-aw and confirm SC2016 is gone for that line. Apply the correct variant
per script; do not blanket-convert quotes. Affected: ~21 lock files (agent-performance-analyzer,
ci-coach, pr-triage-agent, workflow-health-manager, daily-*, ...).

Historical Trends

Metric 2026-07-04 2026-07-05 Δ
zizmor 553 552 −1
poutine 22 22 0
actionlint 40 40 0
runner-guard 333 333 0
Total 948 947 −1

New issue types: none. Resolved: none. Flat ~4 days; actionlint dropped ~480→40 around 2026-07-02 (scan-scope/dedup change) and has held.

Recommendations & Next Steps

  1. Immediate: Fix skillet.lock.yml pre_activation undefined-property at its .md source — the only genuine correctness defect this run.
  2. Short-term: Sweep the 21 SC2016 findings (fix prompt above); pin publish-safe-outputs-node.yml action to a SHA (RGS-007).
  3. Long-term: Teach runner-guard (or add ignore fingerprints) about gh-aw's activation gate so RGS-004/005 stop dominating high counts; annotate installer/readiness run: blocks tripping RGS-012/018.
  4. Prevention: Keep the [deep-report] Static-analysis RGS-* security issues recreated daily after closure (no dedup-by-rule) #31043 rule+file dedup discipline; add a persistent fingerprint index so closed RGS classes are never refiled.
  • Fix skillet.lock.yml needs.pre_activation in source
  • Apply SC2016 fix prompt to generator scripts
  • Pin action SHA for publish-safe-outputs-node.yml (RGS-007)
  • Suppress/annotate runner-guard FP classes at source
  • Review RGS-019 in error-message-lint.yml

References: §28731332447

Generated by 📊 Static Analysis Report · 279.9 AIC · ⌖ 34 AIC · ⊞ 6.8K ·

  • expires on Jul 11, 2026, 10:14 PM UTC-08:00

Metadata

Metadata

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions