🔍 Static Analysis Report - November 21, 2025

[github-actions[bot]]

🔍 Static Analysis Report - November 21, 2025

Executive Summary

Completed comprehensive security scan of 85 agentic workflow files using three industry-standard static analysis tools (zizmor, poutine, and actionlint). The scan identified 1 low-severity finding with no critical, high, or medium severity issues.

Key Results

• Total Workflows Scanned: 85
• Total Findings: 1 (Low severity)
• Critical/High/Medium Issues: 0
• Tools Used: zizmor v1.16.3, poutine (latest), actionlint (latest)

Tool	Total Findings	Critical	High	Medium	Low
zizmor (security)	1	0	0	0	1
poutine (supply chain)	0	0	0	0	0
actionlint (linting)	0	-	-	-	-

Findings Summary

Zizmor Security Findings

Issue Type	Severity	Count	Affected Workflow
template-injection	Low	1	mcp-inspector

Template Injection (Low Severity)

• Affected: mcp-inspector.lock.yml:1173:38
• Expression: ${{ env.SENTRY_HOST }}
• Risk: Minimal - The environment variable is controlled by the workflow itself, not external input
• Status: Known issue, tracked since 2025-11-18

Poutine Supply Chain Findings

No supply chain security issues detected. All workflows pass poutine's security checks for:

• Confused deputy attacks
• Injection vulnerabilities
• Untrusted code execution
• Self-hosted runner risks
• Unpinned dependencies

Actionlint Findings

No linting errors or warnings detected. All workflows pass actionlint validation for:

• Syntax correctness
• Expression validity
• Shell script quality
• GitHub Actions best practices

Historical Trend Analysis

Comparing with previous scans from cache memory:

November 20, 2025:

• Total findings: 1 (template-injection)
• Status: Stable - same finding

November 18, 2025:

• Total findings: 1 (template-injection)
• First detection of current issue

Trend: The single low-severity finding has been present since November 18. No new security issues have been introduced. The finding is well-understood and documented as minimal risk.

Detailed Finding Information

Template Injection Details

Issue: template-injection

Tool: zizmor
Rule: (redacted)#template-injection
Confidence: High
Severity: Low

Location

• File: .github/workflows/mcp-inspector.lock.yml
• Line: 1173, Column 38
• Job: agent
• Step: Setup MCPs (step index 24)

Problematic Code

"SENTRY_HOST": "${{ env.SENTRY_HOST }}"

The workflow uses GitHub Actions template expansion ${{ env.SENTRY_HOST }} directly in a shell script heredoc that generates JSON configuration for MCP servers.

Why It's Flagged

Template expressions like ${{ ... }} are evaluated before script execution. If an attacker could control the value of SENTRY_HOST, they could inject malicious code into the JSON configuration or the shell environment.

Actual Risk Assessment

Risk Level: Minimal because:

1. SENTRY_HOST is set from the workflow's own environment variables
2. There is no path for external input to control this value
3. The variable is optional and defaults to safe values
4. Workflow has proper access controls and permissions

This is a best practice warning rather than an active security vulnerability.

Fix Available

A detailed fix template is available at: /tmp/gh-aw/cache-memory/fix-templates/zizmor-template-injection.md

Recommended approach:

# Instead of template expansion in the script:
env:
  SENTRY_HOST_VALUE: ${{ env.SENTRY_HOST }}
run: |
  "SENTRY_HOST": "${SENTRY_HOST_VALUE}"

This passes the value as a shell environment variable instead of using GitHub Actions template expansion, which is safer and removes the warning.

Recommendations

Immediate Actions (Priority: Low)

1. ✅ Template Injection: Document as acceptable risk or implement the fix from the template
   • Location: .github/workflows/shared/mcp/sentry.md:23
   • Effort: Low (5-10 minutes)
   • Impact: Removes static analysis warning, improves security hygiene

Short-term Improvements

2. Continue daily static analysis scans to catch new issues early
3. Consider adding --strict --zizmor to CI/CD compilation to block on new findings
4. Review and update fix templates as zizmor rules evolve

Long-term Strategy

5. Integrate static analysis into pre-commit hooks for workflow changes
6. Establish periodic reviews of historical findings
7. Create runbooks for common vulnerability patterns
8. Consider automated remediation for low-risk findings

Tool Performance Notes

Zizmor

• Version: v1.16.3
• Scan Time: ~30 seconds for 85 workflows
• False Positives: 1 low-severity finding (template-injection is minimal risk)
• Coverage: Excellent for GitHub Actions security patterns

Poutine

• Version: Latest (17 months old)
• Scan Time: ~15 seconds
• Findings: None
• Coverage: Good for supply chain security

Actionlint

• Scan Time: <5 seconds
• Findings: None
• Coverage: Excellent for workflow syntax and shell script quality

Next Steps

• Review the template-injection finding and decide: document as acceptable or implement fix
• Update workflow documentation to include security scanning results
• Schedule next scan for November 22, 2025
• Monitor for zizmor updates that may detect new patterns

Scan Metadata

Scan Date: 2025-11-21
Scan Duration: ~50 seconds
Workflows Directory: .github/workflows/
Lock Files Analyzed: 85
Results Stored: /tmp/gh-aw/cache-memory/security-scans/2025-11-21.json

---

Status: ✅ PASS - No critical or high-severity security issues detected

🤖 Generated with Claude Code

Co-Authored-By: Claude (noreply@anthropic.com)

AI generated by Static Analysis Report

[github-actions[bot]]

This discussion was automatically closed because it was created by an agentic workflow more than 1 week ago.