Claude a86ef08036 fix: prevent command injection in workflow example files ...

Fixes command injection vulnerabilities in example workflow files by using
environment variables instead of direct template expansion in shell commands.

This prevents malicious branch names containing command substitution syntax
like $(cmd) from being executed by the shell.

Files fixed:
- examples/ci-failure-auto-fix.yml: github.event.workflow_run.head_branch
- examples/test-failure-analysis.yml: github.event.workflow_run.name and head_branch

2025-12-16 01:37:30 +00:00

4.4 KiB

Raw Blame History

View Raw