From 786e5862ca7752cda253429b0e4655a43fcefe07 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Sat, 15 Nov 2025 03:37:45 +0000 Subject: [PATCH] docs: Add template injection data flow diagrams and integrate new spec MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Added Mermaid data flow diagram to template-injection-prevention.md - Integrated template injection content into developer.instructions.md - Added "Recent Fixes" section documenting November 2025 security fixes - Total diagrams in consolidated file: 11 (up from 10) - Consolidated file lines: 1338 (up from 1310) Changes: - New data flow diagram comparing unsafe vs safe template patterns - Visual illustration of security risk vs safe environment variable pattern - Reference to copilot-session-insights.md fix 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude --- .../instructions/developer.instructions.md | 28 +++++++++++++++++++ specs/template-injection-prevention.md | 20 +++++++++++++ 2 files changed, 48 insertions(+) diff --git a/.github/instructions/developer.instructions.md b/.github/instructions/developer.instructions.md index abf16a26eee..845b57f7444 100644 --- a/.github/instructions/developer.instructions.md +++ b/.github/instructions/developer.instructions.md @@ -402,6 +402,34 @@ jobs: **Why secure:** Expression is evaluated in controlled context (environment variable assignment). Shell receives value as data, not executable code. +#### Data Flow Comparison + +```mermaid +graph TB + subgraph "Unsafe Pattern" + A1[Untrusted Input] --> B1["Template Expression
${{ ... }}"] + B1 --> C1[Direct Interpolation
into Shell Command] + C1 --> D1[Code Execution Risk] + style D1 fill:#f88,stroke:#f00 + end + + subgraph "Safe Pattern" + A2[Untrusted Input] --> B2["Template Expression
${{ ... }}"] + B2 --> C2[Environment Variable
Assignment] + C2 --> D2[Shell Receives
Data Only] + D2 --> E2[No Code Execution] + style E2 fill:#8f8,stroke:#0f0 + end +``` + +#### Recent Fixes (November 2025) + +Template injection vulnerabilities were identified and fixed in: +- `copilot-session-insights.md` - Step output passed through environment variable +- Pattern: Move template expressions from bash scripts to environment variable assignments + +See `specs/template-injection-prevention.md` for detailed analysis and fix documentation. + #### Secure Pattern: Sanitized Context (gh-aw specific) ```yaml diff --git a/specs/template-injection-prevention.md b/specs/template-injection-prevention.md index fe8b1cc38a3..3f2c8faf03b 100644 --- a/specs/template-injection-prevention.md +++ b/specs/template-injection-prevention.md @@ -38,6 +38,26 @@ steps: By passing the value through an environment variable, the content is treated as data, not executable code. +### Data Flow Comparison + +```mermaid +graph TB + subgraph "Unsafe Pattern" + A1[Untrusted Input] --> B1["Template Expression
${{ ... }}"] + B1 --> C1[Direct Interpolation
into Shell Command] + C1 --> D1[Code Execution Risk] + style D1 fill:#f88,stroke:#f00 + end + + subgraph "Safe Pattern" + A2[Untrusted Input] --> B2["Template Expression
${{ ... }}"] + B2 --> C2[Environment Variable
Assignment] + C2 --> D2[Shell Receives
Data Only] + D2 --> E2[No Code Execution] + style E2 fill:#8f8,stroke:#0f0 + end +``` + ## Changes Made ### copilot-session-insights.md
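Review bot: In the developer.instructions.md hunk, the Safe Pattern branch ends at `D2 --> E2[No Code Execution]`, which promises more than the environment-variable pattern delivers. The value is inert only while the script expands it as a quoted variable; a step that hands it to `eval` or `bash -c` brings execution back, and an unquoted expansion still allows word splitting and globbing. Suggest relabelling E2 more narrowly (for example "No Injection via Template Expansion") or adding one sentence under the diagram stating that the variable must be referenced quoted and never re-evaluated. Separately, under "Recent Fixes (November 2025)" the second bullet ("Pattern: Move template expressions from bash scripts to environment variable assignments") is not a location, yet it sits in the list introduced by "identified and fixed in:"; move it out of the list into its own sentence.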
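Review bot: In the specs/template-injection-prevention.md hunk, the Mermaid block under "### Data Flow Comparison" is a node-for-node copy of the one added to developer.instructions.md in this same patch, so the two diagrams will drift the first time either is edited. The instructions file already points readers here with "See `specs/template-injection-prevention.md` for detailed analysis and fix documentation", so the diagram could live only in the spec with the instructions file linking to it. If the copy is intentional because the instructions file is a consolidation of the specs, add a short comment next to one of the blocks naming the other file so that whoever edits one knows to update both.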