π¨ Runner-Guard Security Finding
Rule: RGS-012 β Secret Exfiltration via Outbound HTTP Request
Severity: High
File: .github/workflows/visual-regression-checker.lock.yml
Lines: 406, 745
Description
A run: block contains outbound HTTP request commands (curl/wget/httpie/fetch) targeting a non-GitHub domain in a job context that has access to secrets or publishing capabilities. This pattern is a strong indicator of potential credential exfiltration β the primary objective of most GitHub Actions supply-chain attacks.
Attackers who achieve code execution in a CI runner (via expression injection, fork checkout, or compromised action) use outbound HTTP requests to exfiltrate stolen secrets to attacker-controlled infrastructure.
Affected File
visual-regression-checker.lock.yml β 8 occurrences
Flagged Pattern
Line 406 (wait for dev server):
- name: Wait for dev server
run: |-
for i in $(seq 1 30); do
# HTTP request to local/external service
...
doneLine 745 (Copilot CLI execution step β flagged due to proximity to secret access):
- name: Execute GitHub Copilot CLI
# Has access to GITHUB_TOKEN, COPILOT_GITHUB_TOKEN, etc.
Impact
The combination of external HTTP requests with secret access in a workflow context is a high-confidence indicator of either:
- Active exploitation of another vulnerability in this workflow
- A pattern that could be exploited if the workflow is compromised
Even if the current HTTP calls are legitimate (e.g., checking if a dev server is running), the workflow's access to secrets combined with outbound HTTP capability creates a dangerous attack surface.
Remediation
- Review all outbound HTTP calls in
visual-regression-checker.lock.yml to confirm they target only trusted, known domains.
- Restrict network access using a network firewall or
egress-filter if available.
- Separate secret access from network operations: Structure the workflow so that steps with secret access don't share a job with steps making external HTTP calls, where possible.
- Pin external domains: If curl/wget must be used, document and allowlist the target domains.
# Document the intent clearly
- name: Check local dev server readiness
# This step only connects to localhost:3000 β not external
run: |-
for i in $(seq 1 30); do
curl --fail (localhost/redacted) && break || sleep 2
done
Detected by runner-guard v2.6.0 β CI/CD source-to-sink vulnerability scanner
Workflow run: https://github.com/github/gh-aw/actions/runs/25538644099
Generated by Static Analysis Report Β· β 438.8K Β· β·
π¨ Runner-Guard Security Finding
Rule: RGS-012 β Secret Exfiltration via Outbound HTTP Request
Severity: High
File:
.github/workflows/visual-regression-checker.lock.ymlLines: 406, 745
Description
A
run:block contains outbound HTTP request commands (curl/wget/httpie/fetch) targeting a non-GitHub domain in a job context that has access to secrets or publishing capabilities. This pattern is a strong indicator of potential credential exfiltration β the primary objective of most GitHub Actions supply-chain attacks.Attackers who achieve code execution in a CI runner (via expression injection, fork checkout, or compromised action) use outbound HTTP requests to exfiltrate stolen secrets to attacker-controlled infrastructure.
Affected File
visual-regression-checker.lock.ymlβ 8 occurrencesFlagged Pattern
Line 406 (wait for dev server):
Line 745 (Copilot CLI execution step β flagged due to proximity to secret access):
Impact
The combination of external HTTP requests with secret access in a workflow context is a high-confidence indicator of either:
Even if the current HTTP calls are legitimate (e.g., checking if a dev server is running), the workflow's access to secrets combined with outbound HTTP capability creates a dangerous attack surface.
Remediation
visual-regression-checker.lock.ymlto confirm they target only trusted, known domains.egress-filterif available.Detected by runner-guard v2.6.0 β CI/CD source-to-sink vulnerability scanner
Workflow run: https://github.com/github/gh-aw/actions/runs/25538644099