
Flag issue_comment as a dangerous trigger #1614

Open

dguido wants to merge 4 commits into zizmorcore:main from dguido:feat/issue-1606

Conversation

@dguido
Contributor

@dguido dguido commented Feb 12, 2026

Pre-submission checks

  • This PR corresponds to an issue (if not, please create one first).
  • I hereby disclose the use of an LLM or other AI coding assistant in the creation of this PR.

Summary

  • Adds issue_comment to the dangerous-triggers audit at Medium severity / Medium confidence (Regular persona), acknowledging it has more legitimate uses than pull_request_target or workflow_run while still flagging the security risk
  • Adds has_issue_comment() method to the Workflow model following existing has_pull_request_target() / has_workflow_run() pattern
  • Enables and populates the previously-stubbed dangerous_triggers integration test module with tests for all three trigger types

Closes #1606

Test Plan

  • issue_comment flagged as bare event (on: issue_comment)
  • issue_comment flagged with event body (on: issue_comment: types: [created])
  • pull_request_target still flagged at High severity
  • workflow_run still flagged at High severity
  • Multiple dangerous triggers in one workflow all reported
  • Safe triggers (push) produce no findings
  • Existing template_injection/issue-418-repro snapshot updated (uses issue_comment)
  • Full integration suite passes (204/204)

dguido and others added 2 commits February 12, 2026 17:49
Add issue_comment to the dangerous-triggers audit. Like
pull_request_target and workflow_run, issue_comment workflows run
in the base repository context with access to secrets. Uses
Medium severity / Medium confidence (lower than the existing
High/Medium for pull_request_target and workflow_run) to
acknowledge that issue_comment has more legitimate uses.

Closes zizmorcore#1606

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Cover the `on: [push, issue_comment]` (BareEvents) variant to
ensure all three Trigger enum arms are exercised.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Member

@woodruffw woodruffw left a comment


I'm vaguely worried this is going to be too noisy/disruptive, given how common issue_comment is. I'm not inherently opposed to it, but I think I'd like to add more "crater" tests to understand the impact before merging this.

(An alternative would be to push ahead with an approach like #935.)

dguido and others added 2 commits February 19, 2026 00:53
Instead of flagging every issue_comment workflow unconditionally, analyze
each job for an author_association guard in its `if:` condition. Jobs that
check `github.event.comment.author_association` are suppressed since this
server-controlled field restricts execution to trusted actors.

Findings now point at the unguarded job rather than the workflow's `on:`
key, giving more actionable output.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…ract

Inline issue_comment job-level logic into audit_workflow instead of
overriding both audit_workflow and audit_normal_job, which violated the
trait contract. The guard now also validates that author_association is
compared against a trusted role (OWNER, MEMBER, COLLABORATOR) rather
than suppressing findings for any reference to the context. Remove
duplicate test fixture (issue-comment-no-guard.yml was identical to
issue-comment-bare.yml) and add a weak-guard test for CONTRIBUTOR.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@dguido
Contributor Author

dguido commented Feb 19, 2026

Thanks for the review. Pushed a new iteration that addresses code quality issues and should also help with the noise concern:

  • Trait contract fix: Removed the audit_normal_job override and inlined the issue_comment job-level check into audit_workflow. The previous implementation overrode both methods with audit_workflow manually re-dispatching to audit_normal_job, which goes against the trait docs.

  • Trusted-role validation: has_author_association_guard now validates that author_association is compared against a trusted role (OWNER, MEMBER, COLLABORATOR), not just that the context is referenced anywhere in the expression. Previously, a guard like if: github.event.comment.author_association == 'CONTRIBUTOR' would suppress the finding even though CONTRIBUTOR doesn't restrict execution to trusted actors. This should reduce false negatives without adding noise—it only changes behavior for workflows with weak guards.

  • Duplicate fixture removed: issue-comment-no-guard.yml was byte-identical to issue-comment-bare.yml (same code path), so it's been replaced with issue-comment-weak-guard.yml which tests the new trusted-role validation (CONTRIBUTOR guard correctly produces a finding).

Agreed that crater testing before merge makes sense—happy to wait on that. The trusted-role validation in this iteration should make the audit more precise, which may help with the noise concern.
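An illustration of the job-level guard check described in the commit messages and the comment above, written for this page rather than taken from zizmor's own implementation; the function names and the flat (job id, `if:` expression) input shape are assumptions, and real `if:` expressions would come from the parsed workflow:

```rust
// Hypothetical example, not zizmor's code: detect whether a job's `if:`
// condition compares github.event.comment.author_association against a
// trusted role, so that issue_comment findings can be suppressed for it.

const TRUSTED_ROLES: &[&str] = &["OWNER", "MEMBER", "COLLABORATOR"];
const CONTEXT: &str = "github.event.comment.author_association";

/// Returns true if `cond` contains `CONTEXT == '<trusted role>'` (either
/// operand order). A comparison against CONTRIBUTOR or a mere reference to
/// the context elsewhere in the expression does not count as a guard.
pub fn has_author_association_guard(cond: &str) -> bool {
    // Split on whitespace, quotes and punctuation so that `=='OWNER'`,
    // `== "OWNER"` and `( ... )` groupings all tokenize the same way.
    let mut tokens: Vec<String> = Vec::new();
    let mut cur = String::new();
    for ch in cond.chars() {
        match ch {
            '\'' | '"' | ' ' | '\t' | '\n' | '(' | ')' | ',' => {
                if !cur.is_empty() {
                    tokens.push(std::mem::take(&mut cur));
                }
            }
            _ => cur.push(ch),
        }
    }
    if !cur.is_empty() {
        tokens.push(cur);
    }
    tokens.windows(3).any(|w| {
        w[1] == "=="
            && ((w[0] == CONTEXT && TRUSTED_ROLES.contains(&w[2].as_str()))
                || (w[2] == CONTEXT && TRUSTED_ROLES.contains(&w[0].as_str())))
    })
}

/// For an issue_comment workflow, return the ids of jobs that would get a
/// finding: every job whose `if:` is absent or lacks a trusted-role guard.
pub fn unguarded_jobs<'a>(jobs: &[(&'a str, Option<&str>)]) -> Vec<&'a str> {
    jobs.iter()
        .filter(|(_, cond)| !cond.map_or(false, has_author_association_guard))
        .map(|(id, _)| *id)
        .collect()
}

fn main() {
    // Constructed sample jobs: no guard, a weak CONTRIBUTOR guard, a real guard.
    let jobs = [
        ("deploy", None),
        ("triage", Some("github.event.comment.author_association == 'CONTRIBUTOR'")),
        ("bench", Some("github.event.issue.pull_request && github.event.comment.author_association == 'MEMBER'")),
    ];
    for id in unguarded_jobs(&jobs) {
        println!("finding: job `{id}` runs on issue_comment without a trusted author_association guard");
    }
}
```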


Development

Successfully merging this pull request may close these issues.

Enhance dangerous-triggers: flag issue_comment as a dangerous trigger

2 participants