security: extract tokens and secrets from run blocks into env mappings by Copilot · Pull Request #24746 · github/gh-aw

Copilot · 2026-04-05T15:17:05Z

422 instances of ${{ secrets.* }} and ${{ github.token }} were interpolated directly into run: blocks, embedding the raw value into the shell script before execution. Moving them to env: mappings passes the value as data, preventing shell injection if a token contains metacharacters.

Root cause (411 of 422 instances)

pkg/workflow/git_configuration_steps.go — token was directly interpolated into the git remote URL:

// Before
fmt.Sprintf("          git remote set-url origin \"******${SERVER_URL_STRIPPED}/${REPO_NAME}.git\"\n", token)

// After — token moved to env block
fmt.Sprintf("          GITHUB_TOKEN: %s\n", token),
// ...
"          git remote set-url origin \"https://x-access-token:${GITHUB_TOKEN}@${SERVER_URL_STRIPPED}/${REPO_NAME}.git\"\n",

All 181 lock files regenerated via make recompile.

MCP HTTP header secrets (3 instances — TAVILY, SENTRY)

pkg/workflow/mcp_config_custom.go — secret replacement in HTTP MCP server headers was gated on renderer.RequiresCopilotFields, so Claude/Codex engine workflows emitted "Authorization": "****** secrets.TAVILY_API_KEY }}" verbatim. Removed the gate; secrets are now replaced with \${VAR} passthrough syntax for all engines.

Safe-outputs config heredoc (2 instances — GH_AW_SIDE_REPO_PAT, GH_AW_PROJECT_GITHUB_TOKEN)

pkg/workflow/mcp_setup_generator.go — github-token values in the config.json heredoc were expanded by GitHub Actions before the shell ran. Now:

Secrets are extracted from the JSON and emitted as step env: entries
${{ secrets.X }} replaced with ${X} in the JSON content
Heredoc delimiter changed from quoted (<< 'EOF') to unquoted (<< EOF) so the shell expands the env var references

Hand-written workflow files (6 instances)

ci.yml — docker login: echo "${{ github.token }}" → echo "${GITHUB_TOKEN}" with env: GITHUB_TOKEN: ${{ github.token }}
permissions.yml — five curl -H "Authorization: ****** secrets.GITHUB_TOKEN }}" calls each given a step-level env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

https://api.github.com/graphql
- Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw grep /usr/bin/grep grep -q << ' grep /usr/bin/grep << ' grep /usr/bin/grep grep (http block)
- Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw grep /usr/bin/grep grep -q << ' grep x_amd64/cgo << ' grep /usr/bin/grep x_amd64/cgo (http block)
- Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw grep /usr/bin/grep grep -q << ' grep x_amd64/link << ' grep /usr/bin/grep x_amd64/link (http block)
https://api.github.com/orgs/test-owner/actions/secrets
- Triggering command: /usr/bin/gh gh api /orgs/test-owner/actions/secrets --jq .secrets[].name go1.25.8 -c=4 -nolocalimports -importcfg /tmp/go-build1687309931/b396/importcfg -pack /tmp/go-build1687309931/b396/_testmain.go /hom�� k/gh-aw/gh-aw/pk-test.run=TestGitConfig|TestGitCred|TestMCPConfig|TestSafeOutputs|TestSecretExtr/bin/sh **/*.cjs 64/bin/go **/*.json --ignore-path ../../../.pretti/tmp/go-build1687309931/b396/cli.test /opt/hostedtoolc-importcfg (http block)
- Triggering command: /usr/bin/gh gh api /orgs/test-owner/actions/secrets --jq .secrets[].name go1.25.8 -c=4 -nolocalimports -importcfg /tmp/go-build1567836297/b395/importcfg -pack /tmp/go-build1567836297/b395/_testmain.go rev-�� -aw-actions/git/ref/tags/v0.1.2 git /usr/bin/git /tmp/TestGuardPo/opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/link config /usr/bin/git git (http block)
- Triggering command: /usr/bin/gh gh api /orgs/test-owner/actions/secrets --jq .secrets[].name -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE ode_modules/.bin-lang=go1.21 GOINSECURE GOMOD GOMODCACHE go (http block)
https://api.github.com/repos/actions/ai-inference/git/ref/tags/v1
- Triggering command: /usr/bin/gh gh api /repos/actions/ai-inference/git/ref/tags/v1 --jq .object.sha user.email test@example.com /usr/bin/git -json GO111MODULE 64/bin/go git rev-�� --show-toplevel go /usr/bin/git -json GO111MODULE 64/bin/go /usr/bin/git (http block)
- Triggering command: /usr/bin/gh gh api /repos/actions/ai-inference/git/ref/tags/v1 --jq .object.sha --git-dir git /usr/bin/git --show-toplevel git x_amd64/link git rev-�� --show-toplevel l /usr/bin/git --show-toplevel git /usr/bin/gh git (http block)
- Triggering command: /usr/bin/gh gh api /repos/actions/ai-inference/git/ref/tags/v1 --jq .object.sha ache/node/24.14.--show-toplevel git /opt/hostedtoolcache/node/24.14.1/x64/bin/bash --show-toplevel git /usr/bin/git bash --no�� --noprofile git /usr/bin/git --show-toplevel git /usr/bin/git git (http block)
https://api.github.com/repos/actions/checkout/git/ref/tags/v3
- Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v3 --jq .object.sha ErrorFormatting2421038607/001 --stdin /usr/bin/gh te-expressions-igit --all --quiet gh api runs/20260405-153735-46964/test-213368607 --jq /usr/bin/infocmp k/gh-aw/gh-aw/pkgit k/gh-aw/gh-aw/pkrev-parse 64/bin/go infocmp (http block)
- Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v3 --jq .object.sha k/gh-aw/gh-aw/.github/workflows/artifacts-summary.md -test.timeout=10m0s /usr/bin/git --show-toplevel git /usr/bin/git git -C ons-test520668649 remote /usr/bin/git heckout/git/ref/git git /usr/bin/git /usr/bin/git (http block)
- Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v3 --jq .object.sha --show-toplevel git ache/node/24.14.1/x64/bin/node --show-toplevel git /usr/bin/git git _cod�� --show-toplevel git ache/node/24.14.1/x64/bin/node --show-toplevel git /usr/bin/git git (http block)
https://api.github.com/repos/actions/checkout/git/ref/tags/v5
- Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq .object.sha 001/test-complex-frontmatter-with-tools.md GO111MODULE ache/go/1.25.8/x64/bin/go GOINSECURE GOMOD GOMODCACHE go env 072/001/stability-test.md DefaultBranchFromLsRemoteWithRealGitbranch_with_hyphen1869495243/001' .cfg GOINSECURE GOMOD GOMODCACHE go (http block)
- Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq .object.sha xterm-color xvLX0kW/sVnmb7t6rev-parse /usr/bin/git -json GO111MODULE ache/go/1.25.8/x--show-toplevel git rev-�� --show-toplevel go /usr/bin/git 691299422 GO111MODULE x_amd64/compile git (http block)
- Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq .object.sha --show-toplevel e/git /usr/bin/git -json GO111MODULE x_amd64/vet git rev-�� --show-toplevel x_amd64/vet /usr/bin/git -json GO111MODULE (http block)
https://api.github.com/repos/actions/checkout/git/ref/tags/v6
- Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6 --jq .object.sha master go /usr/bin/git -json GO111MODULE x_amd64/asm git init�� GOMODCACHE x_amd64/asm /usr/bin/git -json GO111MODULE x_amd64/compile git (http block)
- Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6 --jq .object.sha /home/REDACTED/work/gh-aw/gh-aw/pkg/sliceutil/sliceutil.go /home/REDACTED/work/gh-aw/gh-aw/pkg/sliceutil/sliceutil_test.go /usr/bin/git -json GO111MODULE 64/bin/go git rev-�� --show-toplevel go /usr/bin/git -json GO111MODULE x_amd64/link git (http block)
- Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6 --jq .object.sha -aw-actions/git/ref/tags/v1.2.3 go /usr/bin/git -json GO111MODULE /opt/hostedtoolc--show-toplevel git rev-�� --show-toplevel go /usr/bin/git -json GO111MODULE /opt/hostedtoolc--show-toplevel git (http block)
https://api.github.com/repos/actions/github-script/git/ref/tags/v8
- Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v8 --jq .object.sha -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE node (http block)
- Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v8 --jq .object.sha k/gh-aw/gh-aw/pkGOSUMDB k/gh-aw/gh-aw/pkGOWORK 64/bin/go iles use Prettie/opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/compile GOWORK 64/bin/go /opt/hostedtoolc-trimpath -o rt -trimpath 64/bin/go -p main -lang=go1.25 go (http block)
- Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v8 --jq .object.sha --check **/*.cjs 64/bin/go **/*.json --ignore-path ../../../.pretti-test.paniconexit0 /opt/hostedtoolc-test.v=true -o /tmp/go-build104-test.timeout=10m0s -trimpath 64/bin/go -p github.com/githuconfig -lang=go1.25 go (http block)
https://api.github.com/repos/actions/setup-go/git/ref/tags/v4
- Triggering command: /usr/bin/gh gh api /repos/actions/setup-go/git/ref/tags/v4 --jq .object.sha user.email resolved$ /usr/bin/git Gitbranch_with_hgit Gitbranch_with_hrev-parse x_amd64/compile git rev-�� --git-dir x_amd64/compile /usr/bin/git -json GO111MODULE x_amd64/link git (http block)
- Triggering command: /usr/bin/gh gh api /repos/actions/setup-go/git/ref/tags/v4 --jq .object.sha --show-toplevel e/git /usr/bin/git --show-toplevel git /opt/hostedtoolc--show-toplevel git bran�� --show-current node ache/node/24.14.1/x64/bin/node install --package-lock-orev-parse /usr/bin/git ache/node/24.14.1/x64/bin/node (http block)
- Triggering command: /usr/bin/gh gh api /repos/actions/setup-go/git/ref/tags/v4 --jq .object.sha --show-toplevel git ache/node/24.14.1/x64/bin/node --show-toplevel git /usr/bin/git node t-31�� bility_SameInputSameOutput2409923230/001/stability-test.md git /opt/hostedtoolcache/node/24.14.1/x64/bin/node --show-toplevel /tmp/go-build156rev-parse /usr/bin/git node (http block)
https://api.github.com/repos/actions/setup-node/git/ref/tags/v4
- Triggering command: /usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v4 --jq .object.sha GOMODCACHE resolved$ /usr/bin/git -json GO111MODULE 64/bin/go git conf�� user.name Test User /usr/bin/git -json GO111MODULE x_amd64/compile git (http block)
- Triggering command: /usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v4 --jq .object.sha --show-toplevel git /usr/bin/git --show-toplevel git /home/REDACTED/go/--show-toplevel git chec�� -b test-branch om/testorg/testrepo.git install --package-lock-orev-parse x_amd64/compile git (http block)
- Triggering command: /usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v4 --jq .object.sha --show-toplevel git /opt/hostedtoolcache/node/24.14.1/x64/bin/node --show-toplevel git /usr/bin/git node js/f�� /opt/hostedtoolc--show-toplevel git /opt/hostedtoolcache/node/24.14.1/x64/bin/node nPathSetup_Goroogit /opt/hostedtoolcrev-parse /usr/bin/git node (http block)
https://api.github.com/repos/actions/upload-artifact/git/ref/tags/v4
- Triggering command: /usr/bin/gh gh api /repos/actions/upload-artifact/git/ref/tags/v4 --jq .object.sha 999 k/gh-aw/gh-aw/pkg/repoutil/repoutil_test.go 1/x64/bin/node GOSUMDB GOWORK 64/bin/go /tmp/go-build1687309931/b417/logger.test t-ha�� ithub/workflows/blog-auditor.md -test.v=true 1/x64/bin/node -test.timeout=10git -test.run=^Test -test.short=true--show-toplevel 1/x64/bin/node (http block)
- Triggering command: /usr/bin/gh gh api /repos/actions/upload-artifact/git/ref/tags/v4 --jq .object.sha -t: -k 7836297/b431/vet.cfg --show-toplevel git /usr/bin/git /bin/sh -c git-upload-pack '/tmp/TestParseDefaultBranchFromLsRemoteWithRealGitmain_branch789534392/001' git-upload-pack '/tmp/TestParseDefaultBranchFromLsRemoteWithRealGitmain_branch789534392/001' t --show-toplevel /tmp/go-build168rev-parse /usr/bin/git git (http block)
- Triggering command: /usr/bin/gh gh api /repos/actions/upload-artifact/git/ref/tags/v4 --jq .object.sha --show-toplevel git 1/x64/bin/node --show-toplevel git /usr/bin/git /usr/bin/gh js graphql -f 64/pkg/tool/linux_amd64/compile -f owner=github -f 64/pkg/tool/linux_amd64/compile (http block)
https://api.github.com/repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b
- Triggering command: /usr/bin/gh gh api /repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b --jq .object.sha << ' grep /usr/bin/grep << ' grep /usr/bin/grep grep -q << ' grep x_amd64/compile << ' grep /usr/bin/grep x_amd64/compile (http block)
- Triggering command: /usr/bin/gh gh api /repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b --jq .object.sha << ' grep /usr/bin/grep << ' grep /usr/bin/grep grep -q << ' grep /usr/bin/grep << ' grep /usr/bin/grep grep (http block)
- Triggering command: /usr/bin/gh gh api /repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b --jq .object.sha curity-hardening-f cfg repository(owne-f << ' grep /usr/bin/grep flow.test 4933�� cat > .*/safeoutputs/config.json << ' grep ache/go/1.25.8/x64/pkg/tool/linux_amd64/vet estGitCredential/usr/bin/git grep /usr/bin/grep ache/go/1.25.8/x^remote\..*\.gh-resolved$ (http block)
https://api.github.com/repos/github/gh-aw
- Triggering command: /usr/bin/gh gh api /repos/github/gh-aw --jq .visibility << ' grep x_amd64/vet << ' grep /usr/bin/grep x_amd64/vet -q -extract-tokens grep r: $owner, name: $name) { hasDiscussionsEnabled } } << ' grep /usr/bin/grep grep (http block)
- Triggering command: /usr/bin/gh gh api /repos/github/gh-aw --jq .visibility ithub/workflows 331455/b267/vet.cfg p/bin/bash << ' grep ed } } /opt/hostedtoolcrev-parse -o ithub/workflows -trimpath r: $owner, name: $name) { hasDiscussionsEnabled } } -p github.com/stretimage -lang=go1.17 /opt/hostedtoolcmcp/markitdown (http block)
https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v0.1.2
- Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v0.1.2 --jq .object.sha -b test-branch /usr/bin/git Gitbranch_with_hgit Gitbranch_with_hrev-parse 64/bin/go git conf�� user.name Test User /usr/bin/git 01 GO111MODULE x_amd64/vet git (http block)
- Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v0.1.2 --jq .object.sha --show-toplevel git /usr/lib/git-core/git ster.patch git /opt/hostedtoolc--show-toplevel /usr/lib/git-core/git main�� run --auto /usr/bin/git --detach --package-lock-orev-parse x_amd64/link git (http block)
- Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v0.1.2 --jq .object.sha --show-toplevel git /opt/hostedtoolcache/node/24.14.1/x64/bin/node --show-toplevel git /usr/bin/git node js/f�� /opt/hostedtoolc--show-toplevel git /opt/hostedtoolcache/node/24.14.1/x64/bin/node --show-toplevel /opt/hostedtoolcrev-parse /usr/bin/git node (http block)
https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v1.0.0
- Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.0.0 --jq .object.sha k/gh-aw/gh-aw/.github/workflows GOPROXY /usr/lib/git-core/git-upload-pack GOSUMDB GOWORK 64/bin/go git-upload-pack /tmp�� GOMODCACHE go e/git -json GO111MODULE 64/bin/go e/git (http block)
- Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.0.0 --jq .object.sha s/^session\.gc_maxlifetime=$.*$$/\1/p 1/x64/bin/npm /usr/lib/git-core/git --show-toplevel x_amd64/link /usr/bin/git /usr/lib/git-core/git main�� run --auto /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/compile --detach LR/8mmj9XTBHklSnrev-parse /usr/bin/git /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/compile (http block)
- Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.0.0 --jq .object.sha --show-toplevel git 1/x64/bin/node --show-toplevel git /usr/bin/git git js --show-toplevel git 64/pkg/tool/linux_amd64/link --show-toplevel git /usr/bin/git 64/pkg/tool/linux_amd64/link (http block)
https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v1.2.3
- Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.2.3 --jq .object.sha --noprofile GOPROXY /usr/bin/git GOSUMDB GOWORK 64/bin/go git ls-r�� --symref l /usr/bin/git -json GO111MODULE 64/bin/go git (http block)
- Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.2.3 --jq .object.sha g/cli git /usr/lib/git-core/git plate-expressiongit git /usr/bin/git /usr/lib/git-core/git rev-�� --objects l /usr/bin/git --exclude-hiddengit --all --quiet git (http block)
- Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.2.3 --jq .object.sha --show-toplevel git 1/x64/bin/node --show-toplevel git /usr/bin/git git js heckout/git/ref/tags/v5 git kflow.test --git-dir git /usr/bin/git kflow.test (http block)
https://api.github.com/repos/github/gh-aw/actions/runs/1/artifacts
- Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/1/artifacts --jq .artifacts[].name GO111MODULE ache/go/1.25.8/x64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE stants.test GOINSECURE GOMOD GOMODCACHE stants.test (http block)
- Triggering command: /usr/bin/gh gh run download 1 --dir test-logs/run-1 GO111MODULE ache/go/1.25.8/x-nolocalimports GOINSECURE GOMOD GOMODCACHE go env 3086220184 go ache/go/1.25.8/x64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
- Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/1/artifacts --jq .artifacts[].name git /usr/bin/git --show-toplevel go /usr/bin/git git rev-�� --show-toplevel git ache/go/1.25.8/x64/pkg/tool/linux_amd64/link --show-toplevel les.test /usr/bin/git ache/go/1.25.8/x64/pkg/tool/linux_amd64/link (http block)
https://api.github.com/repos/github/gh-aw/actions/runs/12345/artifacts
- Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/12345/artifacts --jq .artifacts[].name GO111MODULE ache/go/1.25.8/x64/bin/go GOINSECURE GOMOD GOMODCACHE go env /workflows GO111MODULE x_amd64/link GOINSECURE GOMOD GOMODCACHE x_amd64/link (http block)
- Triggering command: /usr/bin/gh gh run download 12345 --dir test-logs/run-12345 GO111MODULE 64/pkg/tool/linux_amd64/link GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/link env -json GO111MODULE x_amd64/vet GOINSECURE GOMOD GOMODCACHE x_amd64/vet (http block)
- Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/12345/artifacts --jq .artifacts[].name stmain.go 1/x64/bin/node --show-toplevel ortcfg /usr/bin/git ache/go/1.25.8/x64/pkg/tool/linux_amd64/vet t-ha�� ithub/workflows/agentic-observability-kit.md git /usr/bin/git --show-toplevel ache/go/1.25.8/xrev-parse /usr/bin/git git (http block)
https://api.github.com/repos/github/gh-aw/actions/runs/12346/artifacts
- Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/12346/artifacts --jq .artifacts[].name GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env /workflows ne_constants.go 64/pkg/tool/linux_amd64/compile GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linutest@example.com (http block)
- Triggering command: /usr/bin/gh gh run download 12346 --dir test-logs/run-12346 GO111MODULE 64/pkg/tool/linux_amd64/vet GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/vet env -json GO111MODULE 64/pkg/tool/linux_amd64/vet GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/vet (http block)
- Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/12346/artifacts --jq .artifacts[].name git /usr/bin/git --show-toplevel J_/CWrYu2czG7Ca7/tmp/fuzz-expr-2335856089.js /usr/bin/git git rev-�� /v2.0.0 '/tmp/TestParseDefaultBranchFromLsRemoteWithRealGitmain_branch789534392/001' /usr/bin/git --show-toplevel 64/pkg/tool/linurev-parse /usr/bin/git git (http block)
https://api.github.com/repos/github/gh-aw/actions/runs/2/artifacts
- Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/2/artifacts --jq .artifacts[].name GO111MODULE ache/go/1.25.8/x64/bin/go GOINSECURE GOMOD GOMODCACHE go env til.go o 64/pkg/tool/linux_amd64/compile GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/compile (http block)
- Triggering command: /usr/bin/gh gh run download 2 --dir test-logs/run-2 GO111MODULE ache/go/1.25.8/x64/bin/go GOINSECURE GOMOD GOMODCACHE go env 3086220184 GO111MODULE 64/pkg/tool/linux_amd64/compile GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/compile (http block)
- Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/2/artifacts --jq .artifacts[].name git /usr/bin/git --show-toplevel go /usr/bin/git git rev-�� --show-toplevel git /usr/bin/git --show-toplevel tutil.test /usr/bin/git git (http block)
https://api.github.com/repos/github/gh-aw/actions/runs/3/artifacts
- Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/3/artifacts --jq .artifacts[].name GO111MODULE ache/go/1.25.8/x64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE x_amd64/compile GOINSECURE GOMOD GOMODCACHE x_amd64/compile (http block)
- Triggering command: /usr/bin/gh gh run download 3 --dir test-logs/run-3 GO111MODULE ache/go/1.25.8/x64/bin/go GOINSECURE GOMOD GOMODCACHE go env 3086220184 GO111MODULE ache/go/1.25.8/x64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
- Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/3/artifacts --jq .artifacts[].name git e/git-upload-pack --show-toplevel go /usr/bin/git git faul�� --show-toplevel git /usr/bin/git --show-toplevel go /usr/bin/git git (http block)
https://api.github.com/repos/github/gh-aw/actions/runs/4/artifacts
- Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/4/artifacts --jq .artifacts[].name GO111MODULE ache/go/1.25.8/x64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE x_amd64/vet GOINSECURE GOMOD GOMODCACHE x_amd64/vet (http block)
- Triggering command: /usr/bin/gh gh run download 4 --dir test-logs/run-4 GO111MODULE ache/go/1.25.8/x64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE ache/go/1.25.8/x64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
- Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/4/artifacts --jq .artifacts[].name git 1/x64/bin/node --show-toplevel go /usr/bin/git e/git t-ha�� ithub/workflows/archie.md git /usr/bin/git --show-toplevel go /usr/bin/git git (http block)
https://api.github.com/repos/github/gh-aw/actions/runs/5/artifacts
- Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/5/artifacts --jq .artifacts[].name GO111MODULE ache/go/1.25.8/x64/bin/go GOINSECURE GOMOD GOMODCACHE go env l.go l_test.go x_amd64/link GOINSECURE GOMOD GOMODCACHE x_amd64/link (http block)
- Triggering command: /usr/bin/gh gh run download 5 --dir test-logs/run-5 GO111MODULE ache/go/1.25.8/x64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE ache/go/1.25.8/x64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
- Triggering command: /usr/bin/gh gh api --paginate repos/{owner}/{repo}/actions/runs/5/artifacts --jq .artifacts[].name git /usr/bin/git --show-toplevel go /usr/bin/git git rev-�� --show-toplevel git /usr/bin/git --show-toplevel go /usr/bin/git git (http block)
https://api.github.com/repos/github/gh-aw/actions/workflows
- Triggering command: /usr/bin/gh gh workflow list --json name,state,path wkVg/J2auhMgRsiLGOINSECURE GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE 6480821/b420/impGOPROXY /hom�� che/go-build/f9/GOSUMDB **/*.cjs 64/bin/go **/*.json --ignore-path ../../../.pretti-test.paniconexit0 /opt/hostedtoolc-test.v=true (http block)
- Triggering command: /usr/bin/gh gh run list --json databaseId,number,url,status,conclusion,workflowName,createdAt,startedAt,updatedAt,event,headBranch,headSha,displayTitle --workflow nonexistent-workflow-12345 --limit 100 /opt/hostedtoolc-o 64/bin/go go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE yCb5uin/R9c9fSCKrev-parse (http block)
- Triggering command: /usr/bin/gh gh run list --json databaseId,number,url,status,conclusion,workflowName,createdAt,startedAt,updatedAt,event,headBranch,headSha,displayTitle --workflow nonexistent-workflow-12345 --limit 6 GOMOD GOMODCACHE go env " GO111MODULE 64/pkg/tool/linux_amd64/vet GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/vet (http block)
https://api.github.com/repos/github/gh-aw/git/ref/tags/v0.47.4
- Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v0.47.4 --jq .object.sha --show-toplevel go /usr/bin/git 733102/001 GO111MODULE 64/pkg/tool/linu--show-toplevel git rev-�� --show-toplevel 64/pkg/tool/linux_amd64/vet /usr/bin/git -json GO111MODULE ache/go/1.25.8/xgit-upload-pack 'origin' git (http block)
- Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v0.47.4 --jq .object.sha /usr/lib/git-cor/home/REDACTED/work/gh-aw/gh-aw/pkg/cli git /opt/hostedtoolcache/node/24.14.1/x64/bin/node --show-toplevel /usr/lib/git-correv-parse 64/pkg/tool/linu--show-toplevel /opt/hostedtoolcache/node/24.14.1/x64/bin/node /tmp�� github.event.inputs.tag 64/pkg/tool/linux_amd64/vet /usr/bin/git --show-toplevel git 64/pkg/tool/linugit-upload-pack 'origin' git (http block)
- Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v0.47.4 --jq .object.sha --show-toplevel git 1/x64/bin/node --show-toplevel git /usr/bin/git 1/x64/bin/node rev-�� --show-toplevel git /usr/bin/git --show-toplevel git /usr/bin/git git (http block)
https://api.github.com/repos/github/gh-aw/git/ref/tags/v1.0.0
- Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.0.0 --jq .object.sha -json GO111MODULE 64/pkg/tool/linux_amd64/vet GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/vet env -json GO111MODULE ache/go/1.25.8/x64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
- Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.0.0 --jq .object.sha --show-toplevel git /usr/bin/git k/gh-aw/gh-aw/.g/tmp/go-build1567836297/b433/timeutil.test go ache/node/24.14.-test.paniconexit0 git rev-�� lex-frontmatter-with-tools.md ache/node/24.14.1/x64/bin/node /usr/bin/git ere remote.origin.urconfig (http block)
- Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.0.0 --jq .object.sha --show-toplevel git /usr/bin/git ons-test52066864node git /usr/bin/git git rev-�� --show-toplevel git /usr/bin/git /opt/hostedtoolcnode git /usr/bin/git git (http block)
https://api.github.com/repos/github/gh-aw/git/ref/tags/v1.2.3
- Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.2.3 --jq .object.sha /tmp/go-build104-p -trimpath 64/bin/go -p main -lang=go1.25 go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
- Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.2.3 --jq .object.sha --show-toplevel git /usr/bin/git k/gh-aw/gh-aw/.ggit _value"]."\n"; /usr/bin/git git rev-�� --show-toplevel git /usr/bin/git --get remote.origin.urremote (http block)
- Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.2.3 --jq .object.sha -json GO111MODULE x_amd64/compile GOINSECURE GOMOD GOMODCACHE x_amd64/compile er_b�� -json GO111MODULE x_amd64/compile GOINSECURE GOMOD GOMODCACHE x_amd64/compile (http block)
https://api.github.com/repos/github/gh-aw/git/ref/tags/v2.0.0
- Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v2.0.0 --jq .object.sha rt -trimpath 64/bin/go -p main -lang=go1.25 go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE iptables (http block)
- Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v2.0.0 --jq .object.sha /tmp/go-build104-p -trimpath 64/bin/go -p github.com/githuworkflow -lang=go1.25 go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
- Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v2.0.0 --jq .object.sha -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
https://api.github.com/repos/github/gh-aw/git/ref/tags/v3.0.0
- Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v3.0.0 --jq .object.sha /tmp/go-build104-p -trimpath 64/bin/go -p github.com/githuapi -lang=go1.25 go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE iptables (http block)
- Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v3.0.0 --jq .object.sha --show-toplevel 7309931/b453/importcfg /usr/bin/git k/gh-aw/gh-aw/scgit k/gh-aw/gh-aw/sc-C /usr/bin/git git er_b�� --show-toplevel git /usr/bin/git --show-toplevel go /usr/bin/git git (http block)
- Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v3.0.0 --jq .object.sha e_wasm.s GO111MODULE x_amd64/compile GOINSECURE GOMOD GOMODCACHE x_amd64/compile env -json GO111MODULE x_amd64/compile GOINSECURE GOMOD GOMODCACHE x_amd64/compile (http block)
https://api.github.com/repos/githubnext/agentics/git/ref/tags/-
- Triggering command: /usr/bin/gh gh api /repos/githubnext/agentics/git/ref/tags/- --jq .object.sha << ' grep $name) { hasDiscussionsEnabled } } << ' grep /usr/bin/grep grep -q << ' grep x_amd64/vet << ' grep /usr/bin/grep x_amd64/vet (http block)
- Triggering command: /usr/bin/gh gh api /repos/githubnext/agentics/git/ref/tags/- --jq .object.sha cat > .*/safeoutputs/config.json-f grep $name) { hasDiscussionsEnabled } } << ' grep /usr/bin/grep ache/go/1.25.8/xrev-parse (http block)
https://api.github.com/repos/nonexistent/action/git/ref/tags/v999.999.999
- Triggering command: /usr/bin/gh gh api /repos/nonexistent/action/git/ref/tags/v999.999.999 --jq .object.sha edOutput1492853676/001 GO111MODULE 64/pkg/tool/linux_amd64/vet GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/vet env 001/test-empty-frontmatter.md GO111MODULE ache/go/1.25.8/x64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
- Triggering command: /usr/bin/gh gh api /repos/nonexistent/action/git/ref/tags/v999.999.999 --jq .object.sha --show-toplevel git e/git --get (http block)
- Triggering command: /usr/bin/gh gh api /repos/nonexistent/action/git/ref/tags/v999.999.999 --jq .object.sha tags/v5 /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/vet /usr/bin/git ithub-script/gitnode -buildtags /usr/bin/gh git rev-�� --show-toplevel gh /usr/bin/git /repos/actions/gnode --jq /usr/bin/git git (http block)
https://api.github.com/repos/nonexistent/repo/actions/runs/12345
- Triggering command: /usr/bin/gh gh run view 12345 --repo nonexistent/repo --json status,conclusion GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE ache/go/1.25.8/x64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
- Triggering command: /usr/bin/gh gh run view 12345 --repo nonexistent/repo --json status,conclusion --show-toplevel ache/go/1.25.8/xrev-parse /usr/bin/git git rev-�� runs/20260405-153932-52443/test-3331821149/.github/workflows git ache/node/24.14.1/x64/bin/node --show-toplevel go /usr/bin/git find (http block)
- Triggering command: /usr/bin/gh gh run view 12345 --repo nonexistent/repo --json status,conclusion -p hash/fnv -lang=go1.25 /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/compile -o runs/20260405-154609-86950/test-3223923402/.github/workflows -trimpath /usr/lib/git-core/git -p vendor/golang.orrev-parse -lang=go1.25 /usr/lib/git-core/git (http block)
https://api.github.com/repos/owner/repo/actions/workflows
- Triggering command: /usr/bin/gh gh workflow list --json name,state,path --repo owner/repo 64/bin/go GOINSECURE GOMOD GOMODCACHE 6480821/b408/impGOPROXY /hom�� che/go-build/be/GOSUMDB **/*.cjs 64/bin/go **/*.json --ignore-path ../../../.pretti/tmp/go-build1687309931/b410/_pkg_.a /opt/hostedtoolc-trimpath (http block)
- Triggering command: /usr/bin/gh gh workflow list --json name,state,path --repo owner/repo -importcfg /tmp/go-build1687309931/b413/importcfg -pack /home/REDACTED/work/gh-aw/gh-aw/pkg/gitutil/gitutil.go /home/REDACTED/work/gh-aw/gh-aw/pkg/gitutil/gitutil_test.go /hom�� k/gh-aw/gh-aw/pkGOSUMDB k/gh-aw/gh-aw/pkGOWORK 64/bin/go **/*.json --ignore-path ../../../.pretti--show-toplevel /opt/hostedtoolcache/go/1.25.8/xGO111MODULE (http block)
- Triggering command: /usr/bin/gh gh workflow list --json name,state,path --repo owner/repo /usr/bin/git . l epo.git git rev-�� --show-toplevel e/git /usr/bin/git /tmp/TestGuardPo/tmp/go-build1567836297/b395/constants.test s/12345/artifact-test.testlogfile=/tmp/go-build1567836297/b395/testlog.txt /usr/bin/git git (http block)
https://api.github.com/repos/owner/repo/contents/file.md
- Triggering command: /tmp/go-build1687309931/b396/cli.test /tmp/go-build1687309931/b396/cli.test -test.testlogfile=/tmp/go-build1687309931/b396/testlog.txt -test.paniconexit0 -test.v=true -test.parallel=4 -test.timeout=10m0s -test.run=^Test -test.short=true GOINSECURE GOMOD GOMODCACHE go env sFd2/n2kBjSJ-Hp0GOINSECURE GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE 6480821/b422/impGOPROXY (http block)
- Triggering command: /tmp/go-build1567836297/b223/cli.test /tmp/go-build1567836297/b223/cli.test -test.testlogfile=/tmp/go-build1567836297/b223/testlog.txt -test.paniconexit0 -test.timeout=10m0s rev-�� --show-toplevel /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/compile /usr/bin/git ithub/workflows/git -trimpath ache/node/24.14.--show-toplevel git rev-�� --show-toplevel /opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/vet /usr/bin/git PATH"; [ -n "$GOgit -buildtags /usr/bin/git git (http block)
- Triggering command: /tmp/go-build2114457894/b396/cli.test /tmp/go-build2114457894/b396/cli.test -test.testlogfile=/tmp/go-build2114457894/b396/testlog.txt -test.paniconexit0 -test.v=true -test.parallel=4 -test.timeout=10m0s -test.run=^Test -test.short=true -nolocalimports -importcfg /tmp/go-build1086152539/b155/importcfg -pack env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
https://api.github.com/repos/test-owner/test-repo/actions/secrets
- Triggering command: /usr/bin/gh gh api /repos/test-owner/test-repo/actions/secrets --jq .secrets[].name sTgb/Yr-IEH7B-fEGOINSECURE GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE 6480821/b417/impGOPROXY -c k/gh-aw/gh-aw/pkGOSUMDB k/gh-aw/gh-aw/pkGOWORK 64/bin/go GOSUMDB GOWORK 64/bin/go /opt/hostedtoolc-importcfg (http block)
- Triggering command: /usr/bin/gh gh api /repos/test-owner/test-repo/actions/secrets --jq .secrets[].name go1.25.8 -c=4 -nolocalimports -importcfg /tmp/go-build1567836297/b223/importcfg -pack /tmp/go-build1567836297/b223/_testmain.go rev-�� --show-toplevel git /usr/bin/git /tmp/TestGuardPo/opt/hostedtoolcache/go/1.25.8/x64/pkg/tool/linux_amd64/vet (http block)
- Triggering command: /usr/bin/gh gh api /repos/test-owner/test-repo/actions/secrets --jq .secrets[].name -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)

If you need me to access, download, or install something from one of these locations, you can either:

Configure Actions setup steps to set up my environment, which run before the firewall is enabled
Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

- Move GITHUB_TOKEN from direct shell interpolation to env var in generateGitConfigurationStepsWithToken (fixes 411 generated lock files) - Remove RequiresCopilotFields restriction for MCP header secret replacement so Bearer tokens are replaced for all engines (fixes TAVILY/SENTRY in Claude engine workflows) - Extract secrets from safe-outputs config.json heredoc to env vars with unquoted heredoc (fixes GH_AW_SIDE_REPO_PAT/GH_AW_PROJECT_GITHUB_TOKEN) - Fix docker login in ci.yml to use GITHUB_TOKEN env var - Fix 5 curl Authorization headers in permissions.yml to use GITHUB_TOKEN env var - Update golden test files and unit tests to reflect new patterns" Agent-Logs-Url: https://github.com/github/gh-aw/sessions/61ddda23-559c-4e71-886d-08b2a0007a03 Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

Copilot

Pull request overview

Hardens generated GitHub Actions workflows by preventing direct interpolation of secrets/tokens into run: scripts, instead passing them via env: and using env-var references in generated commands/config.

Changes:

Update generated git-credential steps to set GITHUB_TOKEN via env: and reference ${GITHUB_TOKEN} in the remote URL.
Update custom HTTP MCP config rendering to extract header secrets for all engines and emit \${VAR} passthrough references plus env entries.
Regenerate workflow lockfiles and golden fixtures to reflect the new token/secret handling (plus a small hand-written CI workflow tweak for docker login).

Show a summary per file

File	Description
pkg/workflow/git_configuration_steps.go	Move token to `env` and reference `${GITHUB_TOKEN}` in `git remote set-url`.
pkg/workflow/git_config_test.go	Update unit test expectations for the additional `GITHUB_TOKEN` env line and new URL format.
pkg/workflow/mcp_config_custom.go	Extract/replace HTTP header secrets for all engines and emit passthrough `\${VAR}` + `env` entries in JSON MCP configs.
.github/workflows/ci.yml	Use step-level `env: GITHUB_TOKEN: ${{ github.token }}` for `docker login` rather than interpolating in `run`.
pkg/workflow/testdata/wasm_golden/WasmBinary/basic-copilot.golden	Update golden to include `GITHUB_TOKEN` env and `${GITHUB_TOKEN}` URL usage.
pkg/workflow/testdata/wasm_golden/WasmBinary/with-imports.golden	Update golden to include `GITHUB_TOKEN` env and `${GITHUB_TOKEN}` URL usage.
pkg/workflow/testdata/TestWasmGolden_CompileFixtures/basic-copilot.golden	Update golden to include `GITHUB_TOKEN` env and `${GITHUB_TOKEN}` URL usage.
pkg/workflow/testdata/TestWasmGolden_CompileFixtures/with-imports.golden	Update golden to include `GITHUB_TOKEN` env and `${GITHUB_TOKEN}` URL usage.
.github/workflows/workflow-skill-extractor.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/workflow-normalizer.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/workflow-generator.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/weekly-safe-outputs-spec-review.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/video-analyzer.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/update-astro.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/ubuntu-image-analyzer.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/typist.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/tidy.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/test-workflow.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/test-project-url-default.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/test-dispatcher.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/test-create-pr-error-handling.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/terminal-stylist.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/super-linter.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/sub-issue-closer.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/step-name-alignment.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/static-analysis-report.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/smoke-workflow-call.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/smoke-workflow-call-with-inputs.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/smoke-test-tools.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/smoke-temporary-id.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/smoke-service-ports.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/smoke-multi-pr.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/smoke-gemini.lock.yml	Regenerated lockfile to pass token via `env`, use `${GITHUB_TOKEN}` in git remote URL, and apply MCP header secret passthrough updates where present.
.github/workflows/smoke-copilot.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/smoke-copilot-arm.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/smoke-codex.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/smoke-claude.lock.yml	Regenerated lockfile to pass token via `env`, use `${GITHUB_TOKEN}` in git remote URL, and apply MCP header secret passthrough updates where present.
.github/workflows/smoke-call-workflow.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/smoke-agent-scoped-approved.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/smoke-agent-public-none.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/smoke-agent-public-approved.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/smoke-agent-all-none.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/smoke-agent-all-merged.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/slide-deck-maintainer.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/sergo.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/semantic-function-refactor.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/security-review.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/scout.lock.yml	Regenerated lockfile to pass token via `env`, use `${GITHUB_TOKEN}` in git remote URL, and apply MCP header secret passthrough updates where present.
.github/workflows/schema-feature-coverage.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/schema-consistency-checker.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/safe-output-health.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/research.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/repository-quality-improver.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/repo-tree-map.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/repo-audit-analyzer.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/release.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/refiner.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/q.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/python-data-charts.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/prompt-clustering-analysis.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/pr-nitpick-reviewer.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/plan.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/pdf-summary.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/org-health-report.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/notion-issue-summary.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/mergefest.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/mcp-inspector.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/lockfile-stats.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/layout-spec-maintainer.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/jsweep.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/issue-triage-agent.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/issue-monster.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/issue-arborist.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/instructions-janitor.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/hourly-ci-cleaner.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/grumpy-reviewer.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/gpclean.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/go-pattern-detector.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/go-logger.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/go-fan.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/github-remote-mcp-auth-test.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/github-mcp-tools-report.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/functional-pragmatist.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/firewall.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/example-workflow-analyzer.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/example-permissions-warning.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/duplicate-code-detector.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/draft-pr-cleanup.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/dictation-prompt.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/dev.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/dev-hawk.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/dependabot-go-checker.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/dependabot-burner.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/dead-code-remover.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/daily-workflow-updater.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/daily-team-status.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/daily-team-evolution-insights.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/daily-syntax-error-quality.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/daily-semgrep-scan.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/daily-security-red-team.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/daily-secrets-analysis.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/daily-safe-outputs-conformance.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/daily-safe-output-optimizer.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/daily-safe-output-integrator.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/daily-rendering-scripts-verifier.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/daily-regulatory.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/daily-otel-instrumentation-advisor.lock.yml	Regenerated lockfile to pass token via `env`, use `${GITHUB_TOKEN}` in git remote URL, and apply MCP header secret passthrough updates where present.
.github/workflows/daily-observability-report.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/daily-mcp-concurrency-analysis.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/daily-malicious-code-scan.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/daily-issues-report.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/daily-function-namer.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/daily-file-diet.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/daily-fact.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/daily-doc-updater.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/daily-doc-healer.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/daily-compiler-quality.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/daily-cli-tools-tester.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/daily-choice-test.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/daily-assign-issue-to-user.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/daily-architecture-diagram.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/craft.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/copilot-pr-merged-report.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/contribution-check.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/constraint-solving-potd.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/commit-changes-analyzer.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/codex-github-remote-mcp-test.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/code-simplifier.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/cloclo.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/cli-version-checker.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/cli-consistency-checker.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/claude-code-user-docs-review.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/ci-doctor.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/ci-coach.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/changeset.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/breaking-change-checker.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/brave.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/bot-detection.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/blog-auditor.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/auto-triage-issues.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/artifacts-summary.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/archie.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/agentic-observability-kit.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/agent-persona-explorer.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.
.github/workflows/ace-editor.lock.yml	Regenerated lockfile to pass token via `env` and use `${GITHUB_TOKEN}` in git remote URL.

Copilot's findings

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Files reviewed: 190/190 changed files
Comments generated: 0

Initial plan

e87e423

Copilot AI assigned Copilot and pelikhan Apr 5, 2026

Copilot started work on behalf of pelikhan April 5, 2026 15:17 View session

Copilot AI linked an issue Apr 5, 2026 that may be closed by this pull request

CI/CD Security Hardening: Extract tokens and secrets from run blocks into env mappings #24743

Closed

Copilot AI changed the title ~~[WIP] Extract tokens and secrets from run blocks into env mappings~~ security: extract tokens and secrets from run blocks into env mappings Apr 5, 2026

Copilot AI requested a review from pelikhan April 5, 2026 15:53

Copilot finished work on behalf of pelikhan April 5, 2026 15:53

pelikhan marked this pull request as ready for review April 5, 2026 15:57

Copilot AI review requested due to automatic review settings April 5, 2026 15:57

Copilot started reviewing on behalf of pelikhan April 5, 2026 15:59 View session

Copilot AI reviewed Apr 5, 2026

View reviewed changes

pelikhan merged commit db73fef into main Apr 5, 2026
66 of 67 checks passed

pelikhan deleted the copilot/ci-cd-security-hardening-extract-tokens branch April 5, 2026 16:18

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

security: extract tokens and secrets from run blocks into env mappings#24746

security: extract tokens and secrets from run blocks into env mappings#24746
pelikhan merged 2 commits intomainfrom
copilot/ci-cd-security-hardening-extract-tokens

Copilot AI commented Apr 5, 2026 •

edited

Loading

Uh oh!

Copilot AI left a comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Conversation

Copilot AI commented Apr 5, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Root cause (411 of 422 instances)

MCP HTTP header secrets (3 instances — TAVILY, SENTRY)

Safe-outputs config heredoc (2 instances — GH_AW_SIDE_REPO_PAT, GH_AW_PROJECT_GITHUB_TOKEN)

Hand-written workflow files (6 instances)

I tried to connect to the following addresses, but was blocked by firewall rules:

Uh oh!

Copilot AI left a comment

Choose a reason for hiding this comment

Pull request overview

Copilot's findings

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Copilot AI commented Apr 5, 2026 •

edited

Loading