Copilot AI commented Nov 23, 2025

Implements an agentic workflow that runs daily to detect malicious code patterns in the last 3 days of commits. Suspicious findings generate code-scanning alerts (SARIF format) instead of issues, ensuring visibility in GitHub Security tools.

Changes

New workflow: .github/workflows/daily-malicious-code-scan.md

  • Triggers: Daily at 9 AM UTC + manual dispatch
  • Engine: Copilot with bash tools and GitHub API (repos, code_security toolsets)
  • Analysis window: Last 3 days via git fetch --unshallow
  • Safe output: create-code-scanning-alert with driver "Malicious Code Scanner"
  • Strict mode enabled, 15-minute timeout

Detection patterns

  1. Secret exfiltration: Environment variable access + network requests, base64 encoding
  2. Out-of-context code: Unusual imports, files in unexpected directories
  3. Suspicious operations: Sensitive file access, privilege escalation attempts
  4. Obfuscation: Hex/base64 strings, obscure naming
  5. Data leakage: Secrets in logs, unauthorized telemetry

Alert structure

Generates SARIF alerts with:

  • Rule ID (e.g., malicious-code-scanner/secret-exfiltration)
  • Severity (error/warning/note) based on threat score (0-10)
  • File path, line number, detailed description with remediation steps

Example alert output:

{
  "create_code_scanning_alert": [{
    "rule_id": "malicious-code-scanner/secret-exfiltration",
    "message": "Potential secret exfiltration detected",
    "severity": "error",
    "file_path": "pkg/agent/feature.go",
    "start_line": 42,
    "description": "**Threat Score: 9/10**\n\nEnvironment variable access followed by external network request to unapproved domain..."
  }]
}

Alerts appear in Security tab → Code scanning, integrated with PR checks.

Original prompt

Absolutely, let’s put it all together.

Daily Malicious Code Scan Workflow

Description:
This agentic workflow runs once a day and reviews all code changes made in the last three days. It specifically looks for suspicious patterns that could indicate malicious agentic threats—like attempts to exfiltrate secrets or code that doesn’t fit the project’s normal context.

Action:
If the workflow detects anything suspicious, it will generate a code-scanning alert rather than just creating a standard issue. This ensures that the alert is visible as a security concern directly in the code-scanning tools.

There you go! You can copy that and use it as your markdown prompt. Let me know if you need any more tweaks.



Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copilot AI changed the title from "[WIP] Add daily malicious code scan workflow" to "Add daily malicious code scan workflow with code-scanning alerts" Nov 23, 2025
Copilot AI requested a review from pelikhan November 23, 2025 20:20
Copilot finished work on behalf of pelikhan November 23, 2025 20:20
pelikhan marked this pull request as ready for review November 23, 2025 20:27
Copilot AI review requested due to automatic review settings November 23, 2025 20:27
pelikhan merged commit a81aedc into main Nov 23, 2025
4 checks passed
pelikhan deleted the copilot/add-daily-malicious-code-scan branch November 23, 2025 20:27
Copilot finished reviewing on behalf of pelikhan November 23, 2025 20:30

Copilot AI left a comment


Pull request overview

This PR adds a daily automated security workflow that scans the repository for malicious code patterns in recent commits. The workflow uses GitHub Copilot to analyze the last 3 days of changes and generates code-scanning alerts in SARIF format when suspicious patterns are detected, integrating with GitHub's Security tab.

Key Changes:

  • Daily scheduled scan (9 AM UTC) with manual trigger option
  • Analyzes patterns like secret exfiltration, out-of-context code, suspicious system operations, and obfuscation
  • Uses safe-outputs mechanism to create code-scanning alerts with detailed threat descriptions
  • Configured with strict mode, 15-minute timeout, and proper permission separation


tools:
github:
toolsets: [repos, code_security]
bash:

Copilot AI Nov 23, 2025


The bash tools configuration is unrestricted (bash: with no allowlist), which conflicts with strict mode security requirements. According to the Developer Instructions (Guideline ID: 1000002), strict mode enforces bash tool restrictions. While validateStrictBashTools() is documented, unrestricted bash access in strict mode creates a security vulnerability.

Recommendation: Add an explicit allowlist of bash commands needed for security scanning:

bash:
  - "git:*"
  - "grep:*"
  - "find:*"
  - "cat"
  - "echo"
  - "date"
  - "sort"
  - "uniq"

This follows the pattern used in other strict mode workflows like tidy.md (line 35: bash: ["make:*", "git restore:*", "git status"]).

Copilot generated this review using guidance from repository custom instructions.
**Example patterns to detect:**
```bash
# Search for suspicious network patterns
grep -E "(curl|wget|fetch|http\.get|requests\.)" /tmp/changed_files.txt | while read file; do
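
Review bot: The grep on the last line runs against /tmp/changed_files.txt itself, and the loop then treats each matching line as a path (`file`), so the network pattern is tested against path names rather than file contents. Only files whose path happens to contain curl, wget, fetch and so on reach the loop body; a changed file with an ordinary name is never inspected. Read every path from the list (`while IFS= read -r file; do ... done < /tmp/changed_files.txt`) and let the per-file greps in the loop body decide.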

Copilot AI Nov 23, 2025


The shell script has an unquoted variable expansion that violates SC2086. The variable $file on line 78 should be quoted to prevent globbing and word splitting vulnerabilities.

Security Impact: Unquoted variables can lead to unexpected behavior if filenames contain spaces, wildcards, or special characters. This is especially critical in a security scanner that processes untrusted input from git history.

Fix:

grep -E "(curl|wget|fetch|http\.get|requests\.)" /tmp/changed_files.txt | while read -r file; do

Also add the -r flag to the read command for proper handling of backslashes. Reference: Developer Instructions Guideline ID 1000002 - Shell Script Best Practices.

Copilot generated this review using guidance from repository custom instructions.
Comment on lines +79 to +86
if [ -f "$file" ]; then
echo "Checking: $file"
# Check for secrets + network combination
if grep -i "secret\|token\|password\|key" "$file" >/dev/null && \
grep -E "curl|wget|http|fetch" "$file" >/dev/null; then
echo "WARNING: Potential secret exfiltration in $file"
fi
fi
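
Review bot: The two greps in the inner `if` match bare substrings anywhere in the file, so `key` and `http` will hit most source files (any map key, any URL in a comment) and the warning fires on co-occurrence alone. The second grep also lacks the `-i` that the first one has. Consider whole-word matching (`grep -w`) on the secret terms, and use `grep -n` so the matching line numbers are available, since the alert format shown in the PR description needs a `start_line` and this block reports only the file name.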

Copilot AI Nov 23, 2025


The shell script has multiple unquoted variable expansions that violate SC2086 and security best practices. According to Developer Instructions (Guideline ID: 1000002), all variable expansions must be quoted to prevent globbing and word splitting.

Issues:

  • Line 79: "$file" should be used instead of $file in the condition
  • Line 82: "$file" should be quoted in both grep commands
  • Line 84: $file should be quoted in the echo statement

Fix:

  if [ -f "$file" ]; then
    echo "Checking: $file"
    # Check for secrets + network combination
    if grep -i "secret\|token\|password\|key" "$file" >/dev/null && \
       grep -E "curl|wget|http|fetch" "$file" >/dev/null; then
      echo "WARNING: Potential secret exfiltration in $file"
    fi
  fi

Copilot generated this review using guidance from repository custom instructions.
Comment on lines +101 to +102
git log --since="3 days ago" --diff-filter=A --name-only --pretty=format: | \
sort | uniq | while read file; do
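
Review bot: The `--name-only` output piped into `while read file` is newline-delimited, and git C-quotes paths that contain backslashes, double quotes or control characters unless `-z` is given, so such a path reaches the loop as a quoted string that does not name a file on disk and is dropped by the later `[ -f "$file" ]` guard. Plain `read` additionally strips backslashes and leading or trailing whitespace. Consider `git log -z ...` with `sort -zu` and `while IFS= read -r -d '' file; do` so every added path is passed through unchanged.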

Copilot AI Nov 23, 2025


The shell script has an unquoted variable in the read command. According to SC2086 and Developer Instructions (Guideline ID: 1000002), the variable should use the -r flag and the loop variable should be handled properly.

Fix:

git log --since="3 days ago" --diff-filter=A --name-only --pretty=format: | \
  sort | uniq | while read -r file; do

Adding -r prevents backslash escapes from being interpreted, which is critical for security scanners processing potentially malicious file paths.

Copilot generated this review using guidance from repository custom instructions.
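
The effect of the loop form discussed in the comment above, as an added example that is not part of the PR or of the reviewer's comment: it counts how many files survive a `[ -f "$file" ]` guard under three `read` variants. The file names, the raw newline-separated list and the function names `make_tree` and `scanned_count` are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the PR): how the read-loop form changes which
# files a path-driven scanner actually reaches.

# Build a constructed tree whose names contain a backslash, an interior
# space and a leading space, plus a raw one-per-line list of those names.
make_tree() {
  dir=$(mktemp -d) || return 1
  for name in 'a\tb.go' 'my file.js' ' lead.go' 'plain.go'; do
    : > "$dir/$name"
    printf '%s\n' "$name" >> "$dir/.list"
  done
  printf '%s\n' "$dir"
}

# Print how many listed paths pass the `[ -f "$file" ]` guard.
# $1 selects the loop style: plain | raw | exact.
scanned_count() {
  dir=$(make_tree) || return 1
  (
    cd "$dir" || exit 1
    n=0
    case "$1" in
      plain)  # as in the workflow: backslashes eaten, edges trimmed
        while read file; do
          if [ -f "$file" ]; then n=$((n + 1)); fi
        done < .list ;;
      raw)    # read -r: backslashes kept, edges still trimmed
        while read -r file; do
          if [ -f "$file" ]; then n=$((n + 1)); fi
        done < .list ;;
      exact)  # IFS= read -r: the line is passed through unchanged
        while IFS= read -r file; do
          if [ -f "$file" ]; then n=$((n + 1)); fi
        done < .list ;;
    esac
    printf '%s\n' "$n"
  )
  rm -rf "$dir"
}

for style in plain raw exact; do
  printf '%-5s reaches %s of 4 files\n' "$style" "$(scanned_count "$style")"
done
```

Files the guard does not reach are skipped without any warning, so the count is the scanner's real coverage. Names containing a newline still need NUL-delimited input.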
Comment on lines +103 to +119
if [ -f "$file" ]; then
# Check if file is in an unusual location for its type
case "$file" in
*.go)
# Go files outside expected directories
if ! echo "$file" | grep -qE "^(cmd|pkg|internal)/"; then
echo "WARNING: Go file in unusual location: $file"
fi
;;
*.js|*.cjs)
# JavaScript outside expected directories
if ! echo "$file" | grep -qE "^(pkg/workflow/js|scripts)/"; then
echo "WARNING: JavaScript file in unusual location: $file"
fi
;;
esac
fi
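
Review bot: The outer `[ -f "$file" ]` guard means a path that was added inside the 3-day window and has since been deleted is skipped without any output, although the listing that feeds this loop (`--diff-filter=A`) is about what was added, not what still exists. Emit a note for added paths that are no longer present instead of dropping them. The `case` also covers only `*.go` and `*.js|*.cjs`; shell scripts and files under `.github/workflows` are common places for unexpected additions and have no location check here.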

Copilot AI Nov 23, 2025


The shell script has unquoted variable expansions in multiple locations. According to SC2086 and Developer Instructions (Guideline ID: 1000002), all variable expansions must be quoted.

Issues:

  • Line 103: "$file" should be quoted in the condition
  • Line 108, 109: "$file" should be quoted in grep and echo commands
  • Line 114, 115: "$file" should be quoted in grep and echo commands

Fix:

  if [ -f "$file" ]; then
    # Check if file is in an unusual location for its type
    case "$file" in
      *.go)
        # Go files outside expected directories
        if ! echo "$file" | grep -qE "^(cmd|pkg|internal)/"; then
          echo "WARNING: Go file in unusual location: $file"
        fi
        ;;
      *.js|*.cjs)
        # JavaScript outside expected directories
        if ! echo "$file" | grep -qE "^(pkg/workflow/js|scripts)/"; then
          echo "WARNING: JavaScript file in unusual location: $file"
        fi
        ;;
    esac
  fi

Copilot generated this review using guidance from repository custom instructions.
Comment on lines +13 to +21
tools:
github:
toolsets: [repos, code_security]
bash:
safe-outputs:
create-code-scanning-alert:
driver: "Malicious Code Scanner"
timeout-minutes: 15
strict: true

Copilot AI Nov 23, 2025


Missing network: configuration in strict mode. According to the Developer Instructions (Guideline ID: 1000002), strict mode requires explicit network configuration. The validateStrictNetwork() function will fail compilation if network: is not specified.

Issue: This workflow enables strict: true (line 21) but doesn't define network permissions, violating the strict mode requirement that "requires explicit network configuration and refuses '*' wildcard."

Recommendation: Add network configuration based on what the security scanner needs:

network:
  allowed:
    - defaults  # Basic infrastructure only

Or if no external network access is needed:

network: {}  # No network access

Reference: pkg/workflow/strict_mode_validation.go lines 77-99.

Copilot generated this review using guidance from repository custom instructions.