Description
Objective
Fix template injection vulnerabilities in the four workflows with single instances of the vulnerability by replacing envsubst with safe in-place string substitution.
Context
These workflows each have one instance of the template injection vulnerability where envsubst processes potentially untrusted data.
Affected Workflows
- .github/workflows/breaking-change-checker.md - 1 instance
- .github/workflows/changeset.md - 1 instance
- .github/workflows/duplicate-code-detector.md - 1 instance
Required Changes
For each workflow, apply the same pattern:
Before (Vulnerable):

```yaml
env:
  GH_AW_NEEDS_*_OUTPUTS_*: ${{ needs.*.outputs.* }}
run: |
  cat << 'PROMPT_EOF' | envsubst > "$GH_AW_PROMPT"
  [content with $GH_AW_NEEDS_*_OUTPUTS_*]
  PROMPT_EOF
```

After (Fixed):

```yaml
env:
  GH_AW_NEEDS_*_OUTPUTS_*: ${{ needs.*.outputs.* }}
run: |
  # Write template directly to target file with placeholder
  cat << 'PROMPT_EOF' > "$GH_AW_PROMPT"
  [content with __GH_AW_NEEDS_*_OUTPUTS_*__]
  PROMPT_EOF
  # Safely substitute using sed
  sed -i "s|__GH_AW_NEEDS_*_OUTPUTS_*__|${GH_AW_NEEDS_*_OUTPUTS_*//|/\\|}|g" "$GH_AW_PROMPT"
```

Implementation Steps
- For each workflow file, identify the envsubst usage
- Replace `$VAR` references with `__VAR__` placeholders in templates
- Replace the envsubst command with sed-based substitution
- Verify no .template files are created
- Recompile all modified workflows: `make recompile`
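As an added example (not the project's own code), the same in-place substitution done with awk's literal `index()`/`substr()` instead of sed: sed's `s///` replacement still interprets `&`, `\` and the chosen delimiter, and the pattern above escapes only `|`. The placeholder name and the sample value are constructed for the demonstration.

```shell
#!/usr/bin/env bash
# Added example, not the project's code: literal in-place placeholder substitution.
# awk's index()/substr() treat the value as plain text, so '&', '\', '|', '/' and
# '$VAR' sequences in untrusted job output are copied verbatim, never interpreted.

substitute_placeholder() {
  # $1 = template file, $2 = placeholder token (e.g. __GH_AW_NEEDS_X_OUTPUTS_Y__),
  # $3 = raw, untrusted value
  file=$1
  tmp=$(mktemp)
  # Hand the placeholder and value to awk via the environment, not the program
  # text, so neither shell quoting nor awk escape processing touches them.
  PH=$2 VAL=$3 awk '
    BEGIN { ph = ENVIRON["PH"]; val = ENVIRON["VAL"]; n = length(ph) }
    {
      line = $0; out = ""
      while (n > 0 && (i = index(line, ph)) > 0) {
        out = out substr(line, 1, i - 1) val
        line = substr(line, i + n)
      }
      print out line
    }' "$file" > "$tmp" && mv "$tmp" "$file"
}

# Write a prompt template with a placeholder (constructed, hypothetical name)
# to $1, then fill it with the raw value in $2.
render_prompt() {
  file=$1
  cat > "$file" <<'PROMPT_EOF'
Review the following output:
__GH_AW_NEEDS_CHECK_OUTPUTS_RESULT__
End of output.
PROMPT_EOF
  substitute_placeholder "$file" "__GH_AW_NEEDS_CHECK_OUTPUTS_RESULT__" "$2"
}
```

Only the final file is written in place; the mktemp scratch file is moved over it, so no `.template` files are left behind.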
Files to Modify
- .github/workflows/breaking-change-checker.md
- .github/workflows/changeset.md
- .github/workflows/duplicate-code-detector.md
Acceptance Criteria
- All 3 workflows updated with safe substitution
- envsubst removed from all affected workflows
- Placeholders use `__VAR__` format consistently
- No .template files created
- All workflows recompiled successfully
- Pass zizmor static analysis scan
Related to [plan] Fix template injection vulnerabilities using in-place string substitution #5752
AI generated by Plan Command for discussion #5735
Copilot