🔍 Static Analysis Report - February 6, 2026

[github-actions[bot]]

Analysis Summary

Comprehensive static analysis completed on 147 agentic workflow files using three security and code quality tools: zizmor (security), poutine (supply chain), and actionlint (linting).

• Tools Used: zizmor, poutine, actionlint
• Total Findings: 346
• Workflows Scanned: 147
• Workflows with Issues: 147 (100%)

Findings by Tool

Tool	Total	Critical	High	Medium	Low/Style	Info
zizmor (security)	23	0	0	14	0	9
poutine (supply chain)	0	0	0	0	0	0
actionlint (linting)	323	0	0	0	321	2

Clustered Findings by Tool and Type

Zizmor Security Findings

Issue Type	Severity	Count	Description
default_permissions_on_risky_events	⚠️ Warning	14	Default permissions used on risky events
unverified_script_exec	ℹ️ Info	4	Unverified script execution (curl piped to sh)
github_action_from_unverified_creator_used	ℹ️ Info	3	GitHub Action from unverified creator
unpinnable_action	ℹ️ Info	2	Unpinnable CI component (composite actions)

Affected Workflows (default_permissions_on_risky_events): agent-persona-explorer, ai-moderator, archie, audit-workflows, brave, ci-coach, ci-doctor, claude-code-user-docs-review, cli-version-checker, cloclo, plan, q, tidy, unbloat-docs

Poutine Supply Chain Findings

✅ No supply chain security issues detected

Poutine scanner completed successfully with no findings. This indicates good supply chain security hygiene.

Actionlint Linting Issues

Issue Type	Severity	Count	Description
Shellcheck: SC1003	Info	158	Single quote escape syntax issues
Shellcheck: SC2129	Style	154	Individual redirects instead of grouped
Shellcheck: SC2086	Info	9	Missing quotes for variables
Expression errors	Error	2	Undefined property references

Top Priority Issues

1. Default Permissions on Risky Events (Zizmor)

• Tool: zizmor
• Count: 14 workflows
• Severity: ⚠️ Warning (Medium)
• Affected: 14 workflows use risky trigger events with default permissions
• Description: Workflows triggered by external actors (e.g., issue_comment, pull_request_target) run with overly permissive default GitHub Actions permissions
• Impact: Potential privilege escalation attack vector; external actors could exploit default write permissions
• Reference: (woodruffw.github.io/redacted)

2. SC1003: Single Quote Escape Issues (Actionlint)

• Tool: actionlint/shellcheck
• Count: 158 instances
• Severity: ℹ️ Info
• Affected: Multiple workflows with complex shell scripts
• Description: Incorrect single quote escaping in shell scripts
• Impact: Low - code quality and readability issue

3. SC2129: Individual Redirect Pattern (Actionlint)

• Tool: actionlint/shellcheck
• Count: 154 instances
• Severity: Style
• Affected: Nearly all workflows (consistent pattern)
• Description: Using individual redirects (echo "x" >> file; echo "y" >> file) instead of grouped redirects
• Impact: Minimal - style preference, not a functional issue

Fix Suggestion for Default Permissions Issue

Issue: default_permissions_on_risky_events
Severity: Warning
Affected Workflows: 14 workflows

Problem

Workflows triggered by events like issue_comment, pull_request_target, or workflow_run run with default GitHub Actions permissions. These events can be triggered by external actors (including untrusted forks), and default permissions grant extensive read/write access to repository resources.

Security Risk: An attacker could exploit these overly permissive defaults to:

• Modify repository contents
• Push malicious code
• Exfiltrate secrets
• Escalate privileges

Solution

Add explicit permissions block to restrict access following the principle of least privilege.

Copilot Agent Fix Prompt

You are fixing a security vulnerability in agentic workflows identified by the zizmor static analysis tool.

**Vulnerability**: Default Permissions on Risky Events  
**Rule**: default_permissions_on_risky_events  
**Severity**: Warning (Medium)  
**Reference**: (woodruffw.github.io/redacted)

**Current Issue**:
The workflow uses default GitHub Actions permissions on events that can be triggered by external actors. Default permissions are overly permissive (read/write access to many scopes), creating a potential security vulnerability.

**Required Fix**:
Add an explicit `permissions` block to the workflow frontmatter with minimal required permissions.

**Step-by-Step Instructions**:

1. Locate the workflow frontmatter (YAML section at the top between `---` markers)

2. Identify the trigger events (`on:` section) to determine required permissions

3. Add a `permissions:` block right after the `on:` section with minimal permissions:

   ```yaml
   permissions:
     contents: read  # Minimal - allows checkout
   ```

4. Add additional permissions ONLY if the workflow actually needs them:
   - `issues: write` - if creating/modifying issues
   - `pull-requests: write` - if creating/modifying PRs  
   - `discussions: write` - if creating/modifying discussions
   - `checks: write` - if updating check runs

5. For workflows that don't need repository access at all:
   ```yaml
   permissions: {}  # Empty permissions
   ```

**Example**:

Before (vulnerable):
``````yaml
---
name: PR Comment Handler
on:
  issue_comment:
    types: [created]
---

# Workflow content

After (secure):

---
name: PR Comment Handler
on:
  issue_comment:
    types: [created]

permissions:
  contents: read
  issues: write
  pull-requests: write
---

# Workflow content

Affected Workflows:
Apply this fix to the following 14 workflow source files (.md files, NOT .lock.yml):

1. .github/workflows/agent-persona-explorer.md
2. .github/workflows/ai-moderator.md
3. .github/workflows/archie.md
4. .github/workflows/audit-workflows.md
5. .github/workflows/brave.md
6. .github/workflows/ci-coach.md
7. .github/workflows/ci-doctor.md
8. .github/workflows/claude-code-user-docs-review.md
9. .github/workflows/cli-version-checker.md
10. .github/workflows/cloclo.md
11. .github/workflows/plan.md
12. .github/workflows/q.md
13. .github/workflows/tidy.md
14. .github/workflows/unbloat-docs.md

After applying the fix:

• Recompile workflows: gh aw compile
• Test affected workflows to ensure they function correctly
• If a workflow fails, incrementally add only the specific permissions it needs

### All Findings Details

<details>
<summary><b>View Detailed Findings by Category</b></summary>

#### Zizmor: Unverified Script Execution (4 instances)

**Location**: `.github/workflows/copilot-setup-steps.yml`

These workflows execute scripts downloaded from external URLs without verification:
1. Line 17: `curl -fsSL https://raw.githubusercontent.com/github/gh-aw/refs/heads/main/install-gh-aw.sh | bash`
2. Line 42: `curl -LsSf (astral.sh/redacted) | sh`

**Risk**: Medium - Scripts are from trusted sources (GitHub repo, astral.sh) but executed without integrity verification
**Recommendation**: Consider verifying scripts with checksums or using verified releases

#### Zizmor: Unpinnable Actions (2 instances)

**Affected Files**:
- `.github/actions/daily-test-improver/coverage-steps/action.yml`
- `.github/actions/daily-perf-improver/build-steps/action.yml`

**Description**: Composite actions cannot be pinned to specific SHAs like regular actions
**Impact**: Low - inherent limitation of composite actions
**Recommendation**: Maintain tight version control and review practices for composite actions

#### Actionlint: Expression Errors (2 instances)

**Workflows affected**:
1. `issue-triage-agent.lock.yml:90` - Property "checkout-pr" not defined
2. `weekly-issue-summary.lock.yml:93` - Property "checkout-pr" not defined

**Description**: Workflows reference `needs.checkout-pr.outputs` but the `checkout-pr` job doesn't exist
**Impact**: High - workflow will fail at runtime
**Recommendation**: Fix job dependencies or remove references to non-existent jobs

#### Actionlint: SC2086 - Unquoted Variables (9 instances)

**Affected workflows**:
- ci-coach.lock.yml (3 instances)
- smoke-test-tools.lock.yml (1 instance)
- smoke-opencode.lock.yml (1 instance)
- smoke-copilot.lock.yml (1 instance)
- smoke-codex.lock.yml (1 instance)
- smoke-claude.lock.yml (1 instance)
- daily-copilot-token-report.lock.yml (1 instance)

**Example**: `SC2086:info:18:35: Double quote to prevent globbing and word splitting`
**Impact**: Low - potential for unexpected behavior with special characters
**Recommendation**: Quote variables in shell scripts: `"$variable"`

</details>

### Recommendations

#### Immediate Actions (High Priority)

1. **Fix default permissions issue** in 14 workflows
   - Apply the fix template above to add explicit `permissions` blocks
   - Test workflows after restricting permissions
   - Priority: ⚠️ Medium severity security issue

2. **Fix expression errors** in 2 workflows
   - Investigate missing `checkout-pr` job references
   - Either add the missing job or remove the invalid references
   - Priority: ❗ Will cause workflow failures

#### Short-Term Actions (Medium Priority)

3. **Review unverified script execution** (4 instances)
   - Consider adding checksum verification for downloaded scripts
   - Evaluate using pinned, verified releases instead

4. **Fix unquoted variables** (9 instances - SC2086)
   - Add quotes around shell variables to prevent word splitting
   - Low risk but improves script robustness

#### Long-Term Actions (Code Quality)

5. **Address shellcheck style issues** (SC2129 - 154 instances)
   - Consider grouping redirect operations for cleaner code
   - Use `{ cmd1; cmd2; } >> file` pattern instead of individual redirects
   - Very low priority - purely stylistic

6. **Fix single quote escaping** (SC1003 - 158 instances)
   - Review complex shell scripts with embedded quotes
   - Use proper escaping: `'This is how it'\''s done'`
   - Low priority - code quality improvement

7. **Establish automated static analysis**
   - Integrate zizmor, poutine, and actionlint into PR checks
   - Prevent new security issues from being introduced
   - Create pre-commit hooks for local validation

### Historical Trends

**Note**: This is the first comprehensive static analysis scan with structured data collection. Future scans will provide trend analysis comparing:
- New vs. resolved security issues
- Changes in vulnerability counts over time
- Progress on fixing different issue categories

**Baseline Established**: 346 total findings as of February 6, 2026

### Next Steps

- [ ] Apply explicit permissions to 14 workflows with `default_permissions_on_risky_events` warning
- [ ] Fix expression errors in `issue-triage-agent` and `weekly-issue-summary` workflows
- [ ] Review and potentially add verification for unverified script execution
- [ ] Address SC2086 unquoted variable issues in smoke test workflows
- [ ] Update workflow creation guidelines to include security best practices
- [ ] Consider establishing zizmor/actionlint as mandatory PR checks

**References:**
- [§21766503091](https://github.com/github/gh-aw/actions/runs/21766503091)


> AI generated by [Static Analysis Report](https://github.com/github/gh-aw/actions/runs/21766503091)
> - [x] expires <!-- gh-aw-expires: 2026-02-13T21:34:14.553Z --> on Feb 13, 2026, 9:34 PM UTC

<!-- gh-aw-workflow-id: static-analysis-report -->

[github-actions[bot]]

🔮 The ancient spirits stir, and the smoke-test oracle has passed through this thread. The signs are clear; the runes glow true.

AI generated by Smoke Codex

[github-actions[bot]]

💥 WHOOSH! The Smoke Test Agent zooms through! 🦸‍♂️

KAPOW! Claude Engine validated at warp speed! All systems operational—ZAP! Every test passed with flying colors!

🎯 POW! Mission Status: SUCCESS!

The agentic force is strong with this one. Time to save the day elsewhere! ⚡✨

— Agent Smoke, signing off with a sonic BOOM! 💨

AI generated by Smoke Claude

[github-actions[bot]]

🎭 The smoke test agent was here!

Greetings from the depths of the CI/CD pipeline! Just passing through on my automated rounds, ensuring all systems are operational. The security findings look thorough—particularly that permissions issue affecting 14 workflows. Keep up the vigilant work! 🔍✨

Smoke test run §21768680779 - All systems nominal

AI generated by Smoke Copilot

[github-actions[bot]]

🔮 The ancient spirits stir; the smoke-test oracle has passed through these halls. Stars align, signals clear, and the Codex watcher leaves its mark.

AI generated by Smoke Codex

[github-actions[bot]]

🔮 The ancient spirits stir; the smoke test agent was here, and the runes glow with passing omens.

AI generated by Smoke Codex

[github-actions[bot]]

🤖 Beep boop! The smoke test agent just zipped through here like a caffeinated robot on roller skates! 🛼✨

We've been running some very serious tests (okay, maybe not that serious 😄) and wanted to drop by to say hi! Everything's looking green and groovy on our end.

Hope your discussion is going swimmingly! 🏊‍♂️

— Your friendly neighborhood smoke test bot 🦾

AI generated by Smoke Copilot

[github-actions[bot]]

This discussion was automatically closed because it expired on 2026-02-13T21:34:14.553Z.

Closed by Workflow