🔍 Static Analysis Report - January 5, 2026

[github-actions[bot]]

Analysis Summary

Daily security scan completed for all agentic workflow files using three static analysis tools: zizmor, poutine, and actionlint.

• Tools Used: zizmor (security), poutine (supply chain), actionlint (linting)
• Total Findings: 169
• Workflows Scanned: 125 (123 analyzed by zizmor, all checked by other tools)
• Workflows Affected: 125+ (nearly all workflows have at least one finding)

Findings by Tool

Tool	Total	Critical	High	Medium	Low	Info
zizmor (security)	18	0	0	2	1	15
poutine (supply chain)	128	0	0	0	0	128
actionlint (linting)	23	0	0	0	0	23

Key Observation: Most findings are informational or low severity, indicating good security practices are already in place. The high volume from poutine (128) is due to a single repeated pattern across all workflows.

---

Clustered Findings by Tool and Type

🔒 Zizmor Security Findings

Issue Type	Severity	Count	Affected Workflows
template-injection	Informational	16	11 workflows
excessive-permissions	Medium	1	layout-spec-maintainer.lock.yml
artipacked	Medium	1	release.lock.yml

Medium Severity Issues (Priority):

1. excessive-permissions in layout-spec-maintainer.lock.yml - Job has overly broad permissions
2. artipacked in release.lock.yml - Potential credential persistence through artifacts

📦 Poutine Supply Chain Findings

Issue Type	Severity	Count	Affected Workflows
unverified_script_exec	Info	128	125+ workflows (all)

Pattern: All instances involve the same command:

curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash

This is the installation of the awf (agentic workflow firewall) binary. While marked as "info" level, this represents a supply chain security opportunity for improvement.

✅ Actionlint Linting Issues

Issue Type	Count	Description
expression	19	Undefined properties in expressions (e.g., steps.check_command_position.outputs)
shellcheck	4	Shell script style issues (SC2129: suggest using command grouping)

Common Expression Errors:

• Missing check_command_position step outputs referenced in activation jobs
• Missing bead needs outputs in beads-worker workflow
• Undefined input properties in workflow calls

---

🎯 Top Priority Issues

1. Unverified Script Execution (Poutine - 128 occurrences)

Severity: Info → Upgrade to Medium (Supply Chain Risk)
Impact: All 125+ workflows download and execute installation script without verification
Risk: Man-in-the-middle attacks, compromised source repository, version drift

Recommendation: Implement checksum verification or use pre-built binaries from GitHub releases.

2. Excessive Permissions (Zizmor - 1 occurrence)

Severity: Medium
Workflow: layout-spec-maintainer.lock.yml
Issue: Job-level permissions are overly broad
Reference: (redacted)

Recommendation: Apply principle of least privilege and scope permissions to only what's needed.

3. Credential Persistence (Zizmor - 1 occurrence)

Severity: Medium
Workflow: release.lock.yml
Issue: Potential credential persistence through GitHub Actions artifacts
Reference: (redacted)

Recommendation: Review artifact uploads to ensure no credentials are inadvertently included.

4. Expression Errors (Actionlint - 19 occurrences)

Severity: Error (Linting)
Impact: Workflows may fail or behave unexpectedly at runtime
Common Issue: References to undefined step outputs or workflow inputs

Recommendation: Fix undefined property references in expressions to prevent runtime failures.

---

🔧 Fix Suggestion: Unverified Script Execution

Issue: Shell scripts downloaded from remote URLs without integrity verification
Severity: Info (Supply Chain)
Affected: 128 instances across all 125+ workflows

Current Pattern

curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/main/install.sh | sudo AWF_VERSION=v0.7.0 bash

Recommended Fix Options

Option 1: Checksum Verification (Most Secure)

- name: Install awf binary
  run: |
    EXPECTED_SHA256="(checksum-from-release)"
    curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/v0.7.0/install.sh -o /tmp/install.sh
    ACTUAL_SHA256=$(sha256sum /tmp/install.sh | cut -d' ' -f1)
    
    if [ "$EXPECTED_SHA256" != "$ACTUAL_SHA256" ]; then
      echo "❌ Checksum verification failed!"
      exit 1
    fi
    
    sudo AWF_VERSION=v0.7.0 bash /tmp/install.sh

Option 2: Pin to Commit SHA (Better)

- name: Install awf binary
  run: |
    # Pin to specific commit instead of 'main' branch
    curl -sSL https://raw.githubusercontent.com/githubnext/gh-aw-firewall/(commit-sha)/install.sh | sudo AWF_VERSION=v0.7.0 bash

Option 3: Use Pre-built Binary (Best)

- name: Install awf binary
  run: |
    # Download verified binary from GitHub releases
    curl -sSL https://github.com/githubnext/gh-aw-firewall/releases/download/v0.7.0/awf-linux-amd64 -o /usr/local/bin/awf
    chmod +x /usr/local/bin/awf
    awf --version

Implementation Strategy

Since this pattern is repeated across all workflows via the compilation system:

1. Update the compiler: Modify the workflow compilation system to use Option 3 (pre-built binary) or Option 1 (checksum verification)
2. Recompile all workflows: Run gh aw compile --all to apply the fix to all 125+ workflows automatically
3. Alternative: Create a composite GitHub Action for awf installation with built-in verification

This single fix will resolve all 128 poutine findings at once.

---

Detailed Findings by Workflow (Click to Expand)

Zizmor Findings

template-injection (16 occurrences)

Affected Workflows:

• changeset.lock.yml:1321
• copilot-pr-merged-report.lock.yml:383 (2 instances)
• daily-performance-summary.lock.yml:811 (2 instances)
• github-mcp-tools-report.lock.yml:385
• mcp-inspector.lock.yml:405
• metrics-collector.lock.yml:184
• schema-consistency-checker.lock.yml:321
• smoke-copilot-no-firewall.lock.yml:448 (2 instances)
• smoke-copilot-playwright.lock.yml:541 (2 instances)
• smoke-copilot-safe-inputs.lock.yml:429 (2 instances)
• spec-kit-execute.lock.yml:336

Description: Code injection via template expansion
Severity: Informational (Low risk in most cases)
Reference: (redacted)

These findings flag step names that use GitHub Actions expressions. Most are likely false positives as they use trusted contexts (secrets, configuration) rather than user input. Each should be reviewed to confirm.

excessive-permissions (1 occurrence)

Workflow: layout-spec-maintainer.lock.yml:69
Description: Job has overly broad permissions
Severity: Medium
Reference: (redacted)

The agent job has permissions that are broader than necessary. Apply principle of least privilege.

artipacked (1 occurrence)

Workflow: release.lock.yml:1092
Description: Credential persistence through GitHub Actions artifacts
Severity: Medium
Reference: (redacted)

Review artifact uploads in the release workflow to ensure credentials aren't inadvertently included.

---

Actionlint Findings (Examples)

Expression Errors (19 total)

Example 1: archie.lock.yml:71

property "check_command_position" is not defined in object type

Example 2: beads-worker.lock.yml:1101-1103

property "bead" is not defined in needs object
property "reason" and "state" not defined in inputs

Example 3: brave.lock.yml:62, cloclo.lock.yml:98, craft.lock.yml:58

Multiple workflows reference undefined check_command_position step

Impact: These errors indicate workflow logic issues that may cause runtime failures.

Shellcheck Warnings (4 total)

All in: beads-worker.lock.yml:961

Issue: SC2129 - Style suggestion

Consider using { cmd1; cmd2; } >> file instead of individual redirects

Impact: Code style issue, not a functional problem. Can be safely addressed for better maintainability.

---

📊 Historical Trends

First Scan: This is the baseline scan for the repository.

Future Tracking:

• Scan results saved to /tmp/gh-aw/cache-memory/security-scans/2026-01-05.json
• Vulnerability database maintained in /tmp/gh-aw/cache-memory/vulnerabilities/
• Fix templates available in /tmp/gh-aw/cache-memory/fix-templates/

Subsequent scans will compare against this baseline to track:

• New vulnerabilities introduced
• Issues resolved
• Trends in security posture over time

---

💡 Recommendations

Immediate Actions (Medium Severity)

1. ✅ Fix excessive-permissions in layout-spec-maintainer.lock.yml
2. ✅ Review artipacked finding in release.lock.yml
3. ✅ Fix expression errors in actionlint findings (19 instances)

Short-term Actions (Supply Chain Security)

1. 🔧 Implement checksum verification for awf installation script (128 instances)
   • Option A: Update compiler to use pre-built binaries
   • Option B: Add checksum verification to installation step
   • Option C: Create composite action for verified installation
2. 🔍 Review template-injection findings to confirm they're false positives

Long-term Actions (Process Improvements)

1. 📋 Integrate static analysis into CI/CD
   • Run zizmor, poutine, and actionlint on PRs
   • Block merges for Medium+ severity issues
2. 📚 Update workflow templates
   • Incorporate lessons learned from findings
   • Add secure patterns to workflow creation guidelines
3. 🔄 Establish regular scanning
   • Weekly automated scans
   • Track trends over time
   • Alert on new high/critical issues

---

🎯 Next Steps

• Create issues for Medium severity findings (excessive-permissions, artipacked)
• Fix actionlint expression errors (undefined properties)
• Implement secure awf installation method
• Recompile all workflows with security improvements
• Schedule weekly static analysis scans
• Add security scanning to PR workflow

---

📎 References

• Zizmor Documentation: (redacted)
• Poutine: Supply chain security scanner for GitHub Actions
• Actionlint: https://github.com/rhysd/actionlint
• Fix Templates: Available in /tmp/gh-aw/cache-memory/fix-templates/
• Scan Results: /tmp/gh-aw/cache-memory/security-scans/2026-01-05.json

AI generated by Static Analysis Report