Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
This pull request implements a comprehensive markdown security scanner for workflow files to detect and prevent various malicious content injection techniques. The scanner is designed to protect against workflow injection attacks by blocking dangerous patterns when workflows are added via gh aw add, during trial mode, and when importing files during compilation.
Changes:
- Added
ScanMarkdownSecurity()function with detection for 6 categories of threats: Unicode abuse, hidden content, obfuscated links, HTML abuse, embedded files, and social engineering patterns - Integrated security scanning into the workflow add command, trial mode, and import processing during compilation
- Added comprehensive test suite with 40+ test cases covering various attack vectors and edge cases
Reviewed changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 10 comments.
Show a summary per file
| File | Description |
|---|---|
| pkg/workflow/markdown_security_scanner.go | Core implementation of security scanner with pattern detection for multiple attack categories |
| pkg/workflow/markdown_security_scanner_test.go | Comprehensive test suite with coverage for all security categories and edge cases |
| pkg/workflow/compiler_orchestrator_engine.go | Integration of security scanning for imported workflow files during compilation |
| pkg/cli/add_command.go | Security scanning integration when adding workflows via gh aw add |
| pkg/cli/trial_repository.go | Security scanning integration for trial mode workflow installation |
| docs/src/content/docs/reference/markdown.md | Documentation of security scanning feature and threat categories |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
pelikhan
reviewed
Feb 12, 2026
Contributor
|
Can we have a cli flag to turn it off? |
Contributor
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
This was referenced Feb 12, 2026
This was referenced Feb 13, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Key Changes
ScanMarkdownSecurity()function inpkg/workflow/markdown_security_scanner.goSecurity Implications
This security scanner provides a robust defense against potential workflow injection attacks by:
gh aw addor trial mode